Test certificate doesn't chage in active certificates

System: Ubuntu – Server 16.04
Domain: heli-erh.selfhost.eu
Web server: apache /2.4.18

In the beginning I had obviously some configuration faults and got finally the meassage: …“ too many certificates already issued for: heli-…“ Actually I haven’t got any valid certificate

After recognizing, that webroot needs write access to my server I made some more tests using the staging command:
~# certbot certonly --staging --webroot -w /var/www/nextcloud/ -d www.heli-erh.selfhost.eu -d heli-erh.selfhost.eu

and got finally certificates, which are declared „INVALID: TEST_CERT“ and work as bad as my self generated ones.

Trying to get a certificate without staging I still got the message: „ … too many certificates issued“
So I waited 7 days and tried it again:
~# certbot certonly --webroot -w /var/www/nextcloud/ -d www.heli-erh.selfhost.eu -d heli-erh.selfhost.eu
System answer:
Saving debug log to /var/log/letsencrypt/letsencrypt.log
Plugins selected: Authenticator webroot, Installer None
Cert not yet due for renewal
You have an existing certificate that has exactly the same domains or certificate name you requested and isn’t close to expiry.
(ref: /etc/letsencrypt/renewal/www.heli-erh.selfhost.eu.conf)
What would you like to do?

1: Keep the existing certificate for now
2: Renew & replace the cert (limit ~5 per 7 days)

Select the appropriate number [1-2] then [enter] (press ‘c’ to cancel): 2
Renewing an existing certificate
Performing the following challenges:
http-01 challenge for www.heli-erh.selfhost.eu
http-01 challenge for heli-erh.selfhost.eu
Using the webroot path /var/www/nextcloud for all unmatched domains.
Waiting for verification…
Cleaning up challenges
An unexpected error occurred:
There were too many requests of a given type :: Error creating new cert :: too many certificates already issued for: selfhost.eu: see https://letsencrypt.org/docs/rate-limits/
Please see the logfiles in /var/log/letsencrypt for more details.

Tomorrow the next 7 days are over. What shall I do to get a valid certificates?

It appears selfhost.eu isn’t on the public suffix list. Therefore, every subdomain of selfhost.eu counts towards the maximum certificates per domain limit.

If selfhost.eu is a domain which issues subdomains to multiple users, it might be a candidate for the public suffix list and the owner could submit an amendment to the list.

Thank you Osiris for this prompt reply
I will double check with my DNS provider

selfhost.eu did not answer my support request. So I changed to duckdns and everything works fine.

1 Like

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.