Let's encrypt 429 'too many certificates already issued'

L

llevering

New member
Joined
Apr 3, 2023
Messages
3
I got warned by Let's Encrypt about an expiring certificate for my main domain.

Therefore I went into Direcatdmin -> SSL certificates -> 'Get automatic certificate from ACME provider'
All needed information is there prefilled and I clicked 'Save'.

I then get the following error
'Cannot execute your request'
acme: error: 429 :: POST :: https://acme-v02.api.letsencrypt.org/acme/new-order :: urn:ietf:params:acme:error:rateLimited :: Error creating new order :: too many certificates (5) already issued for this exact set of domains in the last 168 hours

Well believe I did not hit the save button that many times (and if so it is very unsuccesfull). Where can I find more logs on the process that is issues the certificate, or basically were do I go from here to troubleshoot this issue?
 
Ratelimit for IP, so if there a lof of domains was issued in same time, just wait till tomorow. Part of domains will receive their certs today, part tomorow, and so on..
 
That is a likely explanation, thanks for your time! However the renewal should have happened for 23 days already so I have little hope that the coming days are better. I posted this in the users section as the error happens, but it is my own VPS and I have all access and there aren´t that many domains on it (sorry that was missing information in the first post).
 
I disabled auto-renew and now can do it manually. It sheds maybe a little bit of light on the issue, as I can renew after waiting a day. The interface says it is succesful, however I do not see a new certificate when visiting the site (after waiting a little while). When looking /usr/local/directadmin/data/users/{user}/{domain}, I see only a new {domain}.cert.combined, no new .key file and not a .cacert.

I ran 'set_permission.sh' to fix potential permissions issues, but that doesn't make any difference. Is there maybe a location where the letsencrypt files might be stored temporarily so I can still grab them there so I can but them in place manually for now? I only have two days left before my current certificate is invalid, so I really need some way to fix this issue.

BTW for other domains I can renew certificates just fine.
 
You must log in or register to reply here.
Back
Top