Remove Rate Limit Restriction

crimp · February 12, 2019, 6:52pm

I tried to install SSL certificate with Siteground for a new domain, but It never worked and after several attempts the host said It had a limit.

Is there anyway I can remove this restriction and try again?

My host Said I need to wait a few days, but I dont have a few days andI need to resolve this urgently. The issue is all the old URLS are looking for the SSL link.

My domain is: https://craignicolfitness.com/

---------------- Note from my host --------------------

It seems that you have made too many attempts to issue the certificate and it got limited from Let’s Encrypt directly:

Code:

ACME error: 429 Too Many Requests (429 urn:ietf:params:acme:error:rateLimited (The request exceeds a rate limit) (Error creating new order :: too many failed authorizations recently: see https://letsencrypt.org/docs/rate-limits/

This is not a limit imposed by us, but directly from Let’s Encrypt’s servers. Unfortunately, you won’t be able to issue a certificate until the rate limit has been removed from their end. This usually happens within a few days.

You can learn more about the limits at - https://letsencrypt.org/docs/rate-limits

I would recommend not to try to issue any further certificates for a few days and after that you can try once again (only once). If the issue persists, please let us know so we can look into it further.

My domain is: https://craignicolfitness.com/

I ran this command: Tried tp upgrade domain to SSL TLS Encrypt, but it didnt work so tried several time.s

It produced this output: ACME error: 429 Too Many Requests (429 urn:ietf:params:acme:error:rateLimited (The request exceeds a rate limit) (Error creating new order :: too many failed authorizations recently: see https://letsencrypt.org/docs/rate-limits/

My web server is (include version): Siteground

The operating system my web server runs on is (include version):
Linux evm1043.sgvps.net 3.12.18-clouder0 #1 SMP Wed Mar 28 14:22:08 EEST 2018 x86_64 x86_64 x86_64 GNU/Linux

My hosting provider, if applicable, is: Siteground

I can login to a root shell on my machine (yes or no, or I don’t know): yes

I’m using a control panel to manage my site (no, or provide the name and version of the control panel): cpanel

The version of my client is (e.g. output of certbot --version or certbot-auto --version if you’re using Certbot):

mnordhoff · February 12, 2019, 6:55pm

Please answer the other questions.

Which rate limits are you encountering?

Let’s Encrypt doesn’t have a way to reset them. Some can be worked around. Others you just have to wait out.

In the long term, if you need to issue more certificates than works with the default rate limits, you can apply for a rate limit increase, but it will take a while to process.

Edit:

The failed authorizations rate limit lasts one hour. You can try again soon.

Still, please answer the other questions. And what’s the original error message? Why have the validation attempts been failing?

Please fill out the fields below so we can help you better. Note: you must provide your domain name to get help. Domain names for issued certificates are all made public in Certificate Transparency logs (e.g. https://crt.sh/?q=example.com), so withholding your domain name here does not increase secrecy, but only makes it harder for us to provide help.

My domain is:

I ran this command:

It produced this output:

My web server is (include version):

The operating system my web server runs on is (include version):

My hosting provider, if applicable, is:

I can login to a root shell on my machine (yes or no, or I don’t know):

I’m using a control panel to manage my site (no, or provide the name and version of the control panel):

The version of my client is (e.g. output of certbot --version or certbot-auto --version if you’re using Certbot):

JuergenAuer · February 12, 2019, 7:25pm

Hi @crimp

you have a curious configuration. Checked, but first there is another thing:

There is already a valide certificate:

https://transparencyreport.google.com/https/certificates?cert_search_auth=&cert_search_cert=&cert_search=include_expired:false;include_subdomains:false;domain:craignicolfitness.com&lu=cert_search

created 10.01.2019, valide 10.04.2019.

But you don't use this certificate. Where is this certificate? Is it possible to use it?

Instead, there are redirects http -> Facebook. Your non-www https uses

CN=3tierscreative.co.uk
	20.01.2019
	20.04.2019
expires in 67 days	3tierscreative.co.uk, www.3tierscreative.co.uk - 2 entries

from Letsencryt. Your www-https uses

CN=*.sgvps.net, OU=Domain Control Validated
	23.10.2018
	22.12.2019
expires in 313 days	*.sgvps.net, sgvps.net - 2 entries

from AlphaSSL (via https://check-your-website.server-daten.de/?q=craignicolfitness.com ).

So it looks that you have different vHosts. One may be your own domain, the Alpha-SSL: Is this your hoster?

crimp · February 12, 2019, 11:34pm

The issue is I have just taken the domain on and I was having issues installing SSL. On this occasion it was never adding properly, so I kept trying via my cpanel. That is why I got this issue.

How long does this restriction take? Is it a few days or a week as some posts say? I cant get the website live until I get the SSL installed.
https://www.craignicolfitness.com/
https://craignicolfitness.com/

I also dont want to retry too early, so any indication would be great.

Really appreciate any help.

_az · February 12, 2019, 11:37pm

The specific limit you hit - one hour.

You can retry all you want, it won't make extend your rate limit if you already hit it.

crimp · February 12, 2019, 11:38pm

I have tried 10 Hours ago, then retried 4 hours ago and it is still not working. My host said a few days and some people here are saying wait it out for 7 days. I really cant wait that long… should I just keep retrying every day? Will that need just keep locking me out longer. Sorry this is new to me.

I own 100+ domains and never had this issue.

_az · February 12, 2019, 11:41pm

What's the actual error you see most recently?

This is definitely only a one hour limit.

Just to provide some context, Siteground had serious problems with their integration during the past year:

It's possible that their system is continually trying to issue your certificate in the background which is why you persistently see that particular rate limit.

This one is a question only @SiteGround support can solve, I think.

crimp · February 12, 2019, 11:56pm

That is interesting after reading all the issues with Siteground. They are a great host, but I have had some issues with Lets Encrypt adding SSL. I will contact them and see what I can do.

thanks

JuergenAuer · February 13, 2019, 7:27am

You can check your certificates created with a CT log.

https://transparencyreport.google.com/https/certificates

If there is no new certificate created, the limit is this:

There is a Failed Validation limit of 5 failures per account, per hostname, per hour.

SiteGround · February 15, 2019, 1:28pm

Hello Crimp,

We checked your case and we can see that out techs have assisted with the certificate installations where you have encountered issues. All domains for which you requested help have Let’s Encrypt installed successfully.

We have also asked our Administrators’ and DevOps teams to review your account and make sure that everything on the server side for using Let’s Encrypt is working normally. They have made sure that automatic installation and renewals are functioning as expected and added some adjustments to the setup so you should not face similar issues in the future.

We remain at your disposal to help with any other questions you may have.

Regards,
SiteGround Team

system · March 17, 2019, 1:28pm

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.