• Please be aware: Kaspersky Anti-Virus has been deprecated
    With the upgrade to Plesk Obsidian 18.0.64, "Kaspersky Anti-Virus for Servers" will be automatically removed from the servers it is installed on. We recommend that you migrate to Sophos Anti-Virus for Servers.
  • The Horde webmail has been deprecated. Its complete removal is scheduled for April 2025. For details and recommended actions, see the Feature and Deprecation Plan.
  • We’re working on enhancing the Monitoring feature in Plesk, and we could really use your expertise! If you’re open to sharing your experiences with server and website monitoring or providing feedback, we’d love to have a one-hour online meeting with you.

Issue Securing Plesk with Let's Encrypt

Troll2Jeux

New Pleskian
Hello,

We are running an online shop on a server based on Debian 10.13, with a Plesk Obsidian Web Pro Edition Version 18.0.52 Update #2 and hosted by OVH.com.
The server holds 1 domain (domain.com) and 1 subdomain (test.domain.com - currently suspended).

When I looked upon the server rating, Advisor tells me that "Plesk is not secured". When I try to secure it, I get the following error :
Code:
Could not issue an SSL/TLS certificate for domain.reseller.mis.ovh.net
Details
Could not issue a Let's Encrypt SSL/TLS certificate for domain.reseller.mis.ovh.net.



One of the Let's Encrypt rate limits has been exceeded for domain.reseller.mis.ovh.net.

See the related Knowledge Base article for details.

Details
Invalid response from https://acme-v02.api.letsencrypt.org/acme/new-order.

Details:

Type: urn:ietf:params:acme:error:rateLimited

Status: 429

Detail: Error creating new order :: too many certificates already issued for "ovh.net". Retry after 2023-05-12T15:00:00Z: see https://letsencrypt.org/docs/rate-limits/

I looked at the documentation but it makes no sens to me : "The most common rate limit of 50 certificates per domain per 7 days" --> why would we ask for more than 50 certificates for 1 domain and 1 subdomain ? Or does it count all ovh hosted websites ?

I checked if a cron task could maybe mess with that and all I found was :
cron lets encrypt.png
Which shouldn't be enough to cause any trouble either.

Would you have any advice on how to solve this problem ?

Thanks !
 
too many certificates already issued for "ovh.net". Retry after 2023-05-12T15:00:00Z: see Rate Limits - Let's Encrypt
That's the problem right there. If you chose a different hostname, e.g. one based on your own domain, you can immediately issue a matching cert for it. But as the domain is seen as ovh.net, thousands of other requests are also made (by other server owners) and rates are exceeded.
 
I'm talking about ovh.net, but indeed, yes, you'll need to trade the hostname into something more personal that is not used by others.
 
Had two years ago same issue. Made a Backup and snapshot of everything, just for a step back opportunity. then I got a new subdomain connected it via dns entries to the server where plesk is and waited a day or so that new dns entries became recognized. tested the subdomain, normally it should show a plesk login site. After that switches the name in Server-Settings and then I got my SSL-Certificate.
 
Back
Top