Too many certificate│README already issued for exact set of domains

Please fill out the fields below so we can help you better. Note: you must provide your domain name to get help. Domain names for issued certificates are all made public in Certificate Transparency logs (e.g. https://crt.sh/?q=example.com), so withholding your domain name here does not increase secrecy, but only makes it harder for us to provide help.

My domain is:https://www.taobiwangluo.com/

I ran this command:
./certbot-auto --server https://acme-v02.api.letsencrypt.org/directory -d "*.xxxxx.com" -d "xxxxx.com" --manual --preferred-challenges dns-01 certonly --renew

It produced this output:
too many certificate│README already issued for exact set of domains

My web server is (include version):linux -centos7

因为我设置了 cdn,每次生成的 证书内容好像是从cdn上获取的,现在把cdn关了后,因为之前生成证书次数太多,不能再次生成证书。但网站已上线运营。希望能得到你们的帮助。让我能申请到最新的证书。非常感谢。

1 Like

Welcome Back to the Let's Encrypt Community :slightly_smiling_face:

You hit the duplicate certificate rate limit:

Renewals are treated specially: they don’t count against your Certificates per Registered Domain limit, but they are subject to a Duplicate Certificate limit of 5 per week. Note: renewals used to count against your Certificate per Registered Domain limit until March 2019, but they don’t anymore. Exceeding the Duplicate Certificate limit is reported with the error message too many certificates already issued for exact set of domains.

1 Like

I can help you out of this, but you need to follow the instructions carefully...

1 Like

thanks very much, what can i do

I've done some checking.

Is your website www.taobiwangluo.com or xxxxx.com?

1 Like

www.taobiwangluo.com
and I ran this command
./certbot-auto --server https://acme-v02.api.letsencrypt.org/directory -d "*.taobiwangluo.com" -d "taobiwangluo.com" --manual --preferred-challenges dns-01 certonly --renew

Good. :slightly_smiling_face:

I can really help you well then.

1 Like

To begin, your certificate is valid until January 7, 2021 and the rate-limit will be lifted in two days. You don't need to get a new certificate for 2 months, so no need to worry.

I'm going to give you a better command to use and a way for you to practice it so you know it will work when you need it two months from now.

1 Like

i use delete ,now i have no certificate。maybe i need a new? :joy:

Can you run something now on your server?

1 Like

image

Try this:
./certbot-auto certificates

1 Like

I'm assuming it will be empty.

1 Like

Here's how to solve this:

You will need access to the DNS for taobiwangluo.com.

Run the following and add the TXT records it asks for to your DNS:
./certbot-auto certonly --manual --preferred-challenges dns -d "taobiwangluo.com,*.taobiwangluo.com,onemorecert.taobiwangluo.com" --keep-until-expiring

1 Like

Let me know how this goes. I'll check back later. :slightly_smiling_face:

1 Like

the website is ok,but the cdn is bad. i want to add cdn,

Alright, let's try again:

./certbot-auto certonly --manual --preferred-challenges dns -d "taobiwangluo.com,*.taobiwangluo.com,one.more.cert.taobiwangluo.com" --keep-until-expiring

1 Like

Are you needing a subdomain for the CDN or something? I'm not sure what you need for that.

1 Like

this looks ok,let me try,thanks you very much

1 Like