Too many certificates already issued

Hello, i used Cloudflare, 2024-01-17 I left them and changed my DNS records and IP address
I needed to reissue the certificate
When trying to release, I got the error: Error creating new order :: too many certificates already issued for " ". Retry after 2024-01-19T19:00:00Z: see Rate Limits - Let's Encrypt
I use the ISPmanager panel and the certificate is issued automatically once every 3 months
By going to the log - I found a large number of certificates that I did not issue, I did not do it
Could someone else have issued a certificate for my domain?
Please tell me what to do with this and how do I issue a certificate now?

My domain is:

It produced this output: too many certificates already issued for ""

My web server is (include version): Apache 2.4.52-1ubuntu4.7

The operating system my web server runs on is (include version): Ubuntu 22

I can login to a root shell on my machine (yes or no, or I don't know): Да

I'm using a control panel to manage my site (no, or provide the name and version of the control panel): ISPmanager 6.90.0

To get a Let's Encrypt cert someone must be able to modify your DNS settings and/or make changes to the files on your webserver. They then must use an ACME Client to request a cert while making specific changes to your DNS and/or webserver.

Do you think someone has that ability?

Which of the domain names in that long list do you think are wrong?


I used the Cloudflare service from 2023-09-21 to protect the site and specified their DNS, that is, they had full control over the management
I refused their services 2024-01-17
I believe that all certificates issued since 2023-09-21 are incorrect (not issued by me)
My certificates were issued only for , , And that's it, I didn't let them out anymore
From id 10617661653 to 11747247558

What about - is that yours too? There are two certs with that name issued today

And, your domain has no A or AAAA record for its IP. Is that still a name you want a cert for? Because you will either need to add one of these records or use a DNS Challenge.

You are Rate Limited because there were more than 50 different certs using that same root domain (see docs here).

This can happen when a root domain is shared. Is it? Are you the owner of that domain name?

If you are the owner then I don't have a good explanation for why so many. You may need to ask on the Cloudflare Community. If you didn't request the cert with today either then your current system has a problem too.

Cert History:


I'm sorry, Also mine
I didn't know why I couldn't issue the certificate and tried to issue it several times, including to another subdomain(

I am the owner of the domain And I don't use it anymore

I have now received a message that the certificate is for successfully issued

I have now issued the certificate I need and received the message Retry after 2024-01-21T00:00:00Z
Do I just have to wait and get a certificate?

I'll try to go to the Cloudflare community to find out who initiated the release of a large number of domains

Yes, try again after that date. There are 50 unique certs issued for your root domain. It is more easily seen at the Let's Debug cert search than the list. That is the rate limit affecting you.

Some good news is once these many certs for other names become older than 1 week they will not affect your rate limit anymore. It is a rolling 7-day (168 hour) limit so each day will be better.

You should continue to monitor though to ensure no unexpected certs get issued. The Let's Debug Cert Search is very nice but only shows Let's Encrypt certs. shows all certs like the one issued by Google on Jan17. This wildcard cert was probably requested by Cloudflare on your behalf if you proxied that name there.

Another possibility is to look at the security of your ISP Manager system. If it had DNS security access to your Cloudflare account maybe something went wrong there.


Thank you so much for your help

I wrote to the cloudflare community and ispmanager, I will wait for answers, as soon as I find out who did it, I will write, it may be useful to other users

Other domains are also located on my server running ISPmanager, for example they don't use cloudflare and they don't have that problem - |

I think cloudflare did it.


This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.