"There were too many requests of a given type..."

My domain is: *

I ran this command: certbot --authenticator webroot --installer nginx

It produced this output: An unexpected error occurred:
There were too many requests of a given type :: Error creating new order :: too many certificates already issued for multiple names ("*" and 5 others). Retry after 2023-12-07T15:00:00Z: see Rate Limits - Let's Encrypt
Please see the logfiles in /var/log/letsencrypt for more details.

My web server is (include version): nginx/1.25.3

The operating system my web server runs on is (include version): debian 11

My hosting provider, if applicable, is: limestonenetworks

I can login to a root shell on my machine (yes or no, or I don't know): yes

I'm using a control panel to manage my site (no, or provide the name and version of the control panel): no

The version of my client is (e.g. output of certbot --version or certbot-auto --version if you're using Certbot): certbot 1.12.0

Hey! yesterday I created about twenty/thirty certificates for different subdomains on different servers, today I wanted to create new ones but now I have this error that prevents me from doing so until... December 7th.

However, the certificates were created correctly yesterday and I didn't get any error. Is there a limit to the number of certificates that can be created, even after successful creation?

Also, I have lots of servers with lots of different sub-domains. Is it possible to create a wildcard certificate (I understood that I could create a wildcard certificate on one server, but how do I simply distribute it to my other servers afterwards?)

Thank you in advance

Yes. Please read the rate limit documentation linked in the error message.

Oh sorry, I misread the part about the 50 certificates per week.

Do you think it would be more suitable to create a wildcard in my case? But I'm still wondering how to distribute the certificate to all my other servers afterwards.

I'd say a wildcard would be ideal here.

That's indeed an issue. You could perhaps use rsync or NFS. There are also applications like GitHub - hashicorp/vault: A tool for secrets management, encryption as a service, and privileged access management, but I'm not sure if that's free of charge. Seems to be open source though.

Thank you so much, I'll find out more.

Also, just what kind of scale are you talking about? If you're not going to be adding new names at 50 per week, but are just trying to migrate an existing set of names, can you just slowly ramp up by 50 each week? Or maybe split the load between Let's Encrypt and some other free ACME CAs? Or are there so many names that that approach wouldn't help out enough?

Yes, yes, I'm intrigued...
What are you doing to need so many certs so often [for that same domain]?

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.