Revoked, but still got the error Too many certificates already issued for:


#1

I want to renew 6 certs and it is understood that would trigger the error of the rate limit - 5 per week.

But I have already revoked some of them successfully and thought that would make the consumption of the certs below the quota. Why does the error still show up?

Since we have to renew certs every 3 months (i.e., about 13 weeks meaning 13 * 5 = 65 certs), why don’t you just impose the rate limit of 65 certs per quarter? That would be more convenient for the site operators because they can renew all the 65 certs once a quarter instead of 5 every week.


#2

Hello @DevelopDaily,

You get the error because revoking a cert has no effect on rate limits. Anyway, a few days ago Let’s Encrypt implemented an update into the boulder (server part of Let’s Encrypt) that will allow to renew a cert without increasing the rate limit for your domain (the renew should be for exactly the same cert, if you want to add or remove a domain in the cert it will increase the issued certs for your domain). As I said, this feature is already implemented in boulder but they need to fill the database with all the previously issued certs so, it could take a few days but they will announce this new feature here.

Cheers,
sahsanu


Help with renewing certificate
#3

But can it be a different private key?


#4

Hello @TCM,

Sorry but I’ve no idea how it has been implemented, maybe @jsha could give us the details ;).

Cheers,
sahsanu


#5

yes as long as the cert as the same set of fqdn names.


#6

Yes, @Nit is correct. It can be any private key you like, so long as the set of FQDNs is the same.