Too many certificates already issued for exact set of domains


Im testing my application and want to generate the same cert again to see our functionality but in the local boulder server I notice that we have hit the rate-limit and it states “too many certificates already issued for exact set of domains” error,

How can I correct this from happening again without waiting until the rate-limit period is gone (assuming 1 week)? Please help so can I proceed with testing and unblock.

Thanks in advance.

1 Like

Hi @sdivyareddy216,

By "local Boulder server", do you mean that you have your own certificate authority that you've created for testing purposes? You didn't get this error from the public Let's Encrypt service?

By local boulder - I meant “An ACME CA” -

Sorry, I still didn’t understand whether you’re running your own certificate authority for testing or using the Let’s Encrypt certificate authority.

Our own CA in lab based out of boulder

Thanks, I would ask @cpu or @jsha what ought to be changed in your Boulder instance’s backend database to override this rate limit.

The workaround that we normally suggest for the public Let’s Encrypt service is to create a certificate with an additional subdomain, in which case the “exact set of domains” rate limit no longer applies. If we can’t find information about changing your rate limit policy quickly enough, you could also use this workaround for your own testing purposes.

1 Like

If you want to delete your whole database and start from scratch:

docker-compose down

If you want to set it so there are no rate limits, overwrite rate-limit-policies.yml with an empty file:

echo > test/rate-limit-policies.yml

Thanks @jsha, it worked.


Depending on your needs you might find life is easier building your lab around Pebble instead of Boulder. As one example it doesn't enforce any rate limits :slight_smile:


This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.