Ssl rate limit - too many certificates

Please fill out the fields below so we can help you better. Note: you must provide your domain name to get help. Domain names for issued certificates are all made public in Certificate Transparency logs (e.g. crt.sh | example.com), so withholding your domain name here does not increase secrecy, but only makes it harder for us to provide help.

My domain is: logisch-stmk.at

I ran this command:create free ssl certificate

It produced this output:

SSL/TLS-Zertifikat konnte für logisch-stmk.at nicht ausgestellt werden.
Details:

Let's Encrypt-SSL/TLS-Zertifikat konnte nicht ausgestellt werden für logisch-stmk.at .

Eine der Ratenbegrenzungen von Let's Encrypt wurde überschritten für logisch-stmk.at .
Einzelheiten dazu finden Sie im zugehörigen Artikel der Wissensdatenbank.
Details

Invalid response from https://acme-v02.api.letsencrypt.org/acme/new-order.

Details:

Type: urn:ietf:params:acme:error:rateLimited

Status: 429

Detail: Error creating new order :: too many certificates (5) already issued for this exact set of domains in the last 168 hours: logisch-stmk.at,www.logisch-stmk.at: see Rate Limits - Let's Encrypt

My web server is (include version): Plesk Obsidian 18.0.42

The operating system my web server runs on is (include version):Ubuntu 20.04

My hosting provider, if applicable, is: hosteurope

I can login to a root shell on my machine (yes or no, or I don't know): yes

I'm using a control panel to manage my site (no, or provide the name and version of the control panel): Plesk

The version of my client is (e.g. output of certbot --version or certbot-auto --version if you're using Certbot):
lets encrypt 3.0.0-785
ssl it 1.10.0-1466 (which is connecting to lets encrypt)

and we waited from friday to monday, tuesday to try again
still the same message

You have issued 5 identical (and working) certificates just 4 days ago. Let's Debug Toolkit

Why aren't you using one of those?

1 Like

how? I had to delete them from plesk to create one again
If i go to management there none visible, what limit is active?
I don`t get it really what is blocking now and how long we have to wait to be able to create a new

do you have any backups?

if not, wait 3-4 more days. in the meantime you can use the staging environment to understand what went wrong and why you thought issuing more certificates was a solution.

Thank you i already checked this,
but i am not sure where to find it in plesk
https://acme-staging-v02.api.letsencrypt.org/directory
i tried to search but can not see it :frowning:

1 Like

acme-directory-url

https://docs.plesk.com/en-US/obsidian/administrator-guide/plesk-administration/managing-let’s-encrypt-settings.78586/

2 Likes

I read this, but where do i find it?
In the settings it is only
"https://acme-v02.api.letsencrypt.org/directory" as it works for several domains i guess

It works for this too. (NB: you don't want to use staging for a certificate that already has a valid certificate)

What doesn't work has nothing to do with issuing the certificate, and everything to do with how your software decided to install it and where.

2 Likes

I don't follow. You had to delete the certificate to create the certificate again. That doesn't make sense. Why would you have to create a new certificate in the first place? What was wrong with the first one? Or second. Or third. Or fourth. Or fifth?

3 Likes

the site didn`t work.
The id is this shown on https://crt.sh/?

https://crt.sh/ -> crt.sh ID is it the same as XYZ?
https://acme-v02.api.letsencrypt.org/acme/authz/XYZ

No, they're independent numbers. Search by domain or certificate serial number.

2 Likes

That's not a valid reason to delete perfectly fine certificates..

3 Likes

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.