Unable to renew cert, too many certificates

I had to restore my AWS Lightsail Wordpress site back to March so the cert is now expired, but when I try to renew the cert I get an error that I've tried to renew too many times.

My domain is: techhelpfornonprofits.org

I ran this command:
sudo /opt/bitnami/ctlscript.sh stop

sudo /opt/bitnami/letsencrypt/lego --tls --email="techhelpfornonprofits@gmail.com" --domains="techhelpfornonprofits.org" --path="/opt/bitnami/letsencrypt" renew --days 90

sudo /opt/bitnami/ctlscript.sh start

It produced this output:

Obtaining bundled SAN certificate
2024/08/07 21:49:43 acme: error: 429 :: POST ::
https://acme-v02.api.letsencrypt.org/acme/new-order ::
urn:ietf:params:acme:error:rateLimited :: Error creating new order :: too many
certificates (5) already issued for this exact set of domains in the last 168
hours: techhelpfornonprofits.org,www.techhelpfornonprofits.org, retry after
2024-08-08T08:33:16Z:

My web server is (include version): Wordpress

The operating system my web server runs on is (include version): AWS Linux 2

My hosting provider, if applicable, is: AWS Lightsail

I can login to a root shell on my machine (yes or no, or I don't know): yes

I'm using a control panel to manage my site (no, or provide the name and version of the control panel): Yes

The version of my client is (e.g. output of certbot --version or certbot-auto --version if you're using Certbot): using bncert-tool

You should be able to use any of the issued certificates, assuming the associated private key is still available.

You can retry at the time highlighted above (at most in a week) in the meantime use the staging environment for testing so as to not run into this limit.

2 Likes

Not just "tried to renew". You actually got 4 certs yesterday.

You will be able to get one more cert after that date / time (about 10 hours from now). But, please be careful with it. You only get 5 per week with the same domain names (per account).

But, as Bruce pointed out why can't you just use the ones you got yesterday?

4 Likes

Thanks Bruce and Mike for responding. When I restored my site yesterday it didn't work so I tried to renew the cert. How can I use one of the other certs?

1 Like

Do you still have the private key?

2 Likes

Just looking at the docs for bitnami / lego says below. Do you still have those files?

A set of certificates will now be generated in the /opt/bitnami/letsencrypt/certificates directory. This set includes the server certificate file DOMAIN.crt and the server certificate key file DOMAIN.key.

3 Likes

Yes, I just located it.

1 Like

I found the techhelpfornonprofits.org.crt file. It has two certificates in it.

2 Likes

That is probably your "leaf" and the "intermediate". If so that's your cert.

But, do you have a file ending in ".key" like those docs describe? Because that is essential.

4 Likes

After spending 15 minutes locating the .key certificate I tried accessing the website and now it works. Crazy!
Thanks for all your help @MikeMcQ and @Bruce5051

5 Likes

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.