Return code: 429

Hello, for 3 days now I have a problem with obtaining an ssl certificate Let’s Encrypt
The site cannot work for 3 days. I tried to recreate, it does not help. Please tell me how you can fix this problem.

Запрос на проверку завершился неудачей
Return code: 429

Details: Error creating new order :: too many certificates already issued for exact set of domains: inrin.net,www.inrin.net: see https://letsencrypt.org/docs/rate-limits/

1 Like

Welcome to the Let's Encrypt Community, Yuki :slightly_smiling_face:

It means you have had 5 certificates issued within the last 7 days for inrin.net and www.inrin.net.

Renewals are treated specially: they don’t count against your Certificates per Registered Domain limit, but they are subject to a Duplicate Certificate limit of 5 per week. Note: renewals used to count against your Certificate per Registered Domain limit until March 2019, but they don’t anymore. Exceeding the Duplicate Certificate limit is reported with the error message too many certificates already issued for exact set of domains.


Complete Certificate History

https://crt.sh/?Identity=inrin.net&deduplicate=Y


The problem is that most of the time "recreating" results in deleting the private keys corresponding to issued certificates, which makes usage of those certificates impossible. I recommend creating a new help topic (the same way you created this topic) then filling out the form you are presented as best you can. Please state in that form that you know you hit the Duplicate Certificate Limit, but that you need help getting your webserver configured correctly. We can then help you use the staging (testing) environment to get things working and install a staging certificate to test. Once things are working properly, we will then help you install a real certificate.

2 Likes

When can I get a new certificate?

5 certificates were used accidentally while configuring the server. Now the server is configured and I'm ready to receive only 1 stable certificate. Is it possible?

What did you use to acquire the other 5 certificates?

2 Likes

5 certificates were used and deleted accidentally when configuring the server

Can I get just 1? I only need 1 certificate. My site has been down for 3 days.

This is why there's a test server, which is what you're supposed to use for testing to avoid blowing the rate limits. You can issue another cert in seven days from the time when you issued the first one.

5 Likes

You will have to wait until the rate limit clears. It acts as a sliding window so you should be able to issue again on 2020-11-09. Alternatively, you can add another domain name to create a unique certificate but you will either have to:

  • maintain the DNS and challenges for that additional domain (for renewals)
  • or use that cert for a few days and wait until the rate limit clears to generate the certificate you actually want

Don't forget to double check your renewal automation once you get it sorted out and consider registering with an email so you can get expiration mails in case your system or automation has issues.

For future reference, you can use the staging servers to test new certificates and configurations (your client should have documentation on how to do that).

4 Likes

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.