Hello, I used Cloudflare. On 2024-01-17 I left them and changed my DNS records and IP address.
I needed to reissue the certificate.
When trying to release, I got the error: Error creating new order :: too many certificates already issued for "brunj.ru ". Retry after 2024-01-19T19:00:00Z: see Rate Limits - Let's Encrypt
I use the ISPmanager panel and the certificate is issued automatically once every 3 months.
By going to the log - https://crt.sh/?q=brunj.ru - I found a large number of certificates that I did not issue; I did not do it.
Could someone else have issued a certificate for my domain?
Please tell me what to do with this and how do I issue a certificate now?
To get a Let's Encrypt cert someone must be able to modify your DNS settings and/or make changes to the files on your webserver. They then must use an ACME Client to request a cert while making specific changes to your DNS and/or webserver.
Do you think someone has that ability?
Which of the domain names in that long crt.sh list do you think are wrong?
I used the Cloudflare service from 2023-09-21 to protect the site and specified their DNS, that is, they had full control over the management.
I refused their services on 2024-01-17.
I believe that all certificates issued since 2023-09-21 are incorrect (not issued by me).
My certificates were issued only for brunj.ru, www.brunj.ru, nicolaa.brunj.ru. And that's it, I didn't let them out anymore.
From id 10617661653 to 11747247558
What about test.brunj.ru - is that yours too? There are two certs with that name issued today.
And, your nicolaa.brunj.ru domain has no A or AAAA record for its IP. Is that still a name you want a cert for? Because you will either need to add one of these records or use a DNS Challenge.
You are Rate Limited because there were more than 50 different certs using that same root domain brunj.ru (see docs here).
This can happen when a root domain is shared. Is it? Are you the owner of that domain name?
If you are the owner then I don't have a good explanation for why so many. You may need to ask on the Cloudflare Community. If you didn't request the cert with test.brunj.ru today either then your current system has a problem too.
I'm sorry, test.brunj.ru is also mine.
I didn't know why I couldn't issue the certificate and tried to issue it several times, including to another subdomain (test.brunj.ru).
Yes, try again after that date. There are 50 unique certs issued for your root domain. It is more easily seen at the Let's Debug cert search than the crt.sh list. That is the rate limit affecting you.
Some good news is once these many certs for other names become older than 1 week they will not affect your rate limit anymore. It is a rolling 7-day (168 hour) limit so each day will be better.
You should continue to monitor crt.sh though to ensure no unexpected certs get issued. The Let's Debug Cert Search is very nice but only shows Let's Encrypt certs. crt.sh shows all certs like the one issued by Google on Jan 17. This wildcard cert was probably requested by Cloudflare on your behalf if you proxied that name there.
Another possibility is to look at the security of your ISP Manager system. If it had DNS security access to your Cloudflare account maybe something went wrong there.
I wrote to the Cloudflare Community and ISPmanager. I will wait for answers; as soon as I find out who did it, I will write. It may be useful to other users.
Other domains are also located on my server running ISPmanager, for example mocraft.ru; they don't use Cloudflare and they don't have that problem - crt.sh | mocraft.ru
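
An added example, not part of the thread or any poster's code: a sketch of the two checks the replies describe, flagging certificate names the owner did not request and working out when the rolling 168-hour, 50-certificate window next frees a slot. The entry format, the `unknownN` names and the timestamps are constructed, and the model assumes one entry per certificate with no renewal exemptions.

```python
from datetime import datetime, timedelta, timezone

LIMIT = 50                     # certs per registered domain (figure quoted in the thread)
WINDOW = timedelta(hours=168)  # rolling 7-day window (figure quoted in the thread)
# Names the domain owner in the thread says are theirs.
EXPECTED = {"brunj.ru", "www.brunj.ru", "nicolaa.brunj.ru", "test.brunj.ru"}


def unexpected_names(entries, expected=EXPECTED):
    """Names appearing in CT entries that are not on the owner's allowlist."""
    seen = {name.lower().rstrip(".") for e in entries for name in e["names"]}
    return sorted(seen - expected)


def earliest_retry(entries, now, limit=LIMIT, window=WINDOW):
    """None if issuance is allowed now, else when the rolling window frees a slot."""
    recent = sorted(e["issued"] for e in entries
                    if timedelta(0) <= now - e["issued"] < window)
    if len(recent) < limit:
        return None
    # Enough of the oldest certs must age out to leave limit-1 in the window.
    return recent[len(recent) - limit] + window


def sample_entries():
    """Constructed data: 50 certs, one per hour, starting 2024-01-12T19:00Z."""
    start = datetime(2024, 1, 12, 19, 0, tzinfo=timezone.utc)
    entries = []
    for i in range(50):
        # Every tenth cert carries a constructed name the owner did not request.
        names = [f"unknown{i}.brunj.ru"] if i % 10 == 0 else ["brunj.ru", "www.brunj.ru"]
        entries.append({"issued": start + timedelta(hours=i), "names": names})
    return entries


if __name__ == "__main__":
    now = datetime(2024, 1, 17, 12, 0, tzinfo=timezone.utc)
    data = sample_entries()
    print("unexpected:", unexpected_names(data))
    print("retry after:", earliest_retry(data, now))
```

Because the window rolls, the retry time depends only on the oldest certificate that still has to age out, so each additional failed-then-successful attempt on a new subdomain pushes the date further away.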