-
Notifications
You must be signed in to change notification settings - Fork 25
-
Notifications
You must be signed in to change notification settings - Fork 25
Issue: Renewal and Letsencrypt Ratelimit #81
Comments
https://community.letsencrypt.org/t/rate-limits-for-lets-encrypt/6769/2 Rate limits have been increased now to 20. If more domains than that perhaps this plugin could stagger the renews across multiple weeks? Having said that-- I don't need that, 20 is more than enough for me. |
From the community forum, word is that this plugin is requesting new certs instead of renewing current certs. In fact sometimes my automatic renewals failed with the following error (NB Error creating new cert):
See: https://community.letsencrypt.org/t/rate-limited-domain/15173/6 By changing that behavior, the issue of rate limits on automatic renewals would go away. |
@chreds Rate limits only apply to new certificates, not renewals - that's part of the plugin's problem! |
The extension now performs a daily check for certificates which are about to expire and renews them not earlier than 30 days before their expiration. |
@xgin quick question. In the 2.x plugin it was fixed as it seems. I had a setup with a 1.9.x version and it seems it checked a domain every day and file cert requests in the same interval (according to crt.sh). And this may ne the cause where we got
But the certificate files were not updated or created so we ended with an expired cert which locked users out as we use HSTS. Is this fixed or a separate issue? Do you have any ideas where these unused certs could be (they are not in live or archive)? |
I am experiencing rate limit problems in connection with issue #194. The server is trying to renew the certificate every hour (as I can see on crt.sh, where it lists hourly renewals followed by pauses that are obviously caused by the rate limit. Is there any way I can stop these renewal attempts just for that domain? |
@oliver-graetz which version of the Plesk LetsEncrypt plugin is installed? |
I mentioned that in my comment on issue #194: v2.5.3-354 |
The problem persists. For one of our domains, there is a renewal attempt for the certificate every hour and I cannot find a way to stop it. How does the extension check if a certificate is due for renewal? Or can I flush some list of tasks? The whole task of debugging this is quite futile without the extension source code. |
If I have more than 5 certificates for a domain registered (subdomains....) , the monthly renewal will renew only the first 5 certificates of this domain, in case of the LetsEncrypt Rate Limit. Sbdomains 6 - 7 - .... will not be renewed.
https://community.letsencrypt.org/t/rate-limits-for-lets-encrypt/6769
The text was updated successfully, but these errors were encountered: