UNMS and Let's Encrypt Certificate Error

SuperTom · November 18, 2025, 12:47am

Please fill out the fields below so we can help you better. Note: you must provide your domain name to get help. Domain names for issued certificates are all made public in Certificate Transparency logs (e.g. crt.sh | example.com), so withholding your domain name here does not increase secrecy, but only makes it harder for us to provide help.

My domain is: pay.comptinet.com

I ran this command: Refresh Certificate earlier today on UNMS

It produced this output:

Earlier today:
An unexpected error occurred: PermissionError: [Errno 1] Operation not permitted: '/cert/archive/pay.comptinet.com/privkey6.pem' Failed to generate or update Let's Encrypt certificate.

Now, it is displaying:
Error: An unexpected error occurred:
too many certificates (5) already issued for this exact set of identifiers in the last 168h0m0s, retry after 2025-11-19 07:46:46 UTC: see Rate Limits - Let's Encrypt
Failed to generate or update Let's Encrypt certificate.

My web server is (include version):
Ubiquiti UNMS

The operating system my web server runs on is (include version):
Ubuntu 24.04.3 LTS

My hosting provider, if applicable, is:
CloudFlare

I can login to a root shell on my machine (yes or no, or I don't know):
Yes

I'm using a control panel to manage my site (no, or provide the name and version of the control panel):
UNMS version 3.0.147

The version of my client is (e.g. output of certbot --version or certbot-auto --version if you're using Certbot):
Certbot is not installed

Here is a quick summary:
Last Friday, I try logging into my site like I normally would and got the 'Your connection to this site is not secure' on my Google browser. This was odd as I have done nothing to the UNMS at all. After logging in, I checked the UNMS and hit the Refresh Certificate button (UNMS uses Let's Encrypt Certificate). I saw the Failed to generate or update Let's Encrypt certificate.

I have try updating Ubuntu, new fresh install of latest Ubuntu OS and UNMS version 3.0.147 (latest version) and still got the same error. After setting up the new Ubuntu OS for the 2nd time and downgraded to UNMS version 3.0.140. I also waited about a day due to recieving: Error: An unexpected error occurred: too many certificates (5) already issued for this exact set of identifiers in the last 168h0m0s, retry after 11/17/2025 xx:xx:xx UTC. So I waited until after 2:15PM PST and try to refreshing the certificate and still got the same error.

In the past, the default location for Let's Encrypt for UNMS is /home/unms/data/cert/live/'website name"/ . When checking in the directory today, I do see: cert.pm, chain.pem, fullchain.pem, and privkey.pem, and README. I am not sure why the error I recieved earlier today shows: '/cert/archive/pay.comptinet.com/privkey6.pem' . This is in a different location and that I can't seem to locate the folder or pem file from that directory on my server. I have not made any changes to cause this certificate error to happen.

I really need to get this fix as it is going on 4 days now. I greatly appreciate all the support.

Thank you,

T.T.

orangepizza · November 18, 2025, 1:23am

the acme client is fine getting the certs: it's UNMS don't know where to load cert from so it kept asking more.

MikeMcQ · November 18, 2025, 3:18am

You probably need to ask Ubiquiti support about that. Their program is requesting a cert and receiving it. In fact, it has now received so many it has hit a Let's Encrypt rate limit.

The problem is that after that program gets the cert it isn't placing it in a suitable place for your UNMS system to find it. Or, perhaps your UNMS system has been modified somehow. In any case, that requesting program and the program using that cert have mis-matched configs.

Maybe there was a firmware update or similar that has created a problem. I don't know. Any number of things can go wrong. Perhaps someone on their community forums has dealt with a similar problem recently.

We don't often see Ubiquiti problems here but maybe some other volunteer will be able to provide more details. I am not expert with their products so that's the best I can do.

SuperTom · November 18, 2025, 3:32am

You are probably right MikeMcQ. Early last week, I did update to the latest version of UNMS and it ran fine for a few days before all this suddenly happened. Thank you for clearing it up for me. I will reach out to Ubiquiti support on this as well to see if there is a solution. As for hitting the limit, is there a work around that I can use to test the cert to make sure it is working before going live again? That way, I wouldn't have to wait a day after each attempt that doesn't resolve the issue?

MikeMcQ · November 18, 2025, 3:38am

There is an LE Staging system with very relaxed limits. But, I don't know how you use that with your system. You request LE Staging in your ACME Client (being done in UNMS in your case). LE Staging is for testing only (the certs won't validate in browsers and such).

Another option is changing the mix of domain names you request. The limit you are reaching is for identical certs so modifying the names changes that. See this rate limit details and workaround: Rate Limits - Let's Encrypt

Topic		Replies	Views
Let's Encrypt Failing to Generate Cert - Ubiquiti UNMS Help	8	6524	May 31, 2019
Too many certificates already issued for each set of domains Help	2	630	August 12, 2019
[Solved] Can't generate cert. Too many requests. Old certs gone due to server update Help	3	2438	August 31, 2016
Error lets encrypt installation Help	7	1777	March 12, 2017
SSL wont renew. live site please help 911 Help	5	734	December 23, 2019

UNMS and Let's Encrypt Certificate Error

Related topics