Too Many Request Error but didn't create any certs?

this is my error:

Requesting new certificate order…
new-order error: HTTP/1.1 100 Continue
Expires: Mon, 08 Apr 2019 20:40:26 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache

HTTP/1.1 429 Too Many Requests
Server: nginx
Content-Type: application/problem+json
Content-Length: 266
Boulder-Requester: 44558126
Link: ;rel=“index”
Replay-Nonce: IrCBgMqLuJc_SJwRbbtXWfbIsiVyP_t01fOcBT9IpCM
Expires: Mon, 08 Apr 2019 20:40:26 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Mon, 08 Apr 2019 20:40:26 GMT
Connection: close

“type”: “urn:ietf:params:acme:error:rateLimited”,
“detail”: “Error creating new order :: too many certificates already issued for exact set of domains:, see”,
“status”: 429
}. Exiting…

but according to I didn’t issue any today so why I can’t create a new one ?

If there are too many existing how can I get the private key ?
I would really appreciate help.

Hi @Ari-k, welcome to the community forum :wave:

It's not obvious but you need to update your query to use a %. wildcard prefix. E.g.

Doing that will show five identical certificates issued on 2019-04-07 in the output. That matches the duplicate certificate rate limit and the error message you received.

Do you know how those certificates were created?

Yesterday 2019-04-07 I was canceling hosting which was with a certificate. When I was done and moved to new hosting I tried to issue the certificate through them but I was getting the same error back.
I have an option to manually add SSL but I can’t access the existing certifications nor can I create a new one. I’m in a loop :frowning:

What can I do ?
Can I prove that I own the domain and get access to those existing somehow? or revoke/ delete them and issue a new one ?

Nope, Let's Encrypt doesn't ever possess users' private keys—they exist only on your own server. If you don't have appropriate access to the server or if the private key has been deleted, there's no way that we can get you access to the private key.

Also, as our rate limits page explains,

Revoking certificates does not reset rate limits, because the resources used to issue those certificates have already been consumed.

You'll need to wait a week, or issue a certificate containing a different combination of names, or request a certificate from a different CA.

1 Like

how can I do that?

what other CA have a free cert I can use for a week while waiting ?

You could add an extra subdomain like; in that case this rate limit wouldn't prevent the issuance of the certificate for all three names.

I've never used it, but I know Buypass Go SSL is a free publicly-trusted certificate provider that's compatible with the ACME protocol that Let's Encrypt uses.

Thank you for the idea of using another CA. In the end I used and their shared SSL that comes with a free plan. Website is secure again :slight_smile:

You also need a valid certificate on your origin server to secure the connection between Cloudflare’s CDN servers and the origin.

For that, you can use Let’s Encrypt (returning to the original problem), another CA, or Cloudflare’s Origin CA.

Without a valid certificate on the origin, and the SSL setting in Cloudflare’s dashboard set to “Full (strict)”, the website isn’t fully secure.


This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.