• If you are still using CentOS 7.9, it's time to convert to Alma 8 with the free centos2alma tool by Plesk or Plesk Migrator. Please let us know your experiences or concerns in this thread:
    CentOS2Alma discussion

Issue Securing Plesk with Let's Encrypt

T

Troll2Jeux

New Pleskian
Hello,

We are running an online shop on a server based on Debian 10.13, with a Plesk Obsidian Web Pro Edition Version 18.0.52 Update #2 and hosted by OVH.com.
The server holds 1 domain (domain.com) and 1 subdomain (test.domain.com - currently suspended).

When I looked upon the server rating, Advisor tells me that "Plesk is not secured". When I try to secure it, I get the following error :
Code: 
Could not issue an SSL/TLS certificate for domain.reseller.mis.ovh.net
Details
Could not issue a Let's Encrypt SSL/TLS certificate for domain.reseller.mis.ovh.net.



One of the Let's Encrypt rate limits has been exceeded for domain.reseller.mis.ovh.net.

See the related Knowledge Base article for details.

Details
Invalid response from https://acme-v02.api.letsencrypt.org/acme/new-order.

Details:

Type: urn:ietf:params:acme:error:rateLimited

Status: 429

Detail: Error creating new order :: too many certificates already issued for "ovh.net". Retry after 2023-05-12T15:00:00Z: see https://letsencrypt.org/docs/rate-limits/

I looked at the documentation but it makes no sens to me : "The most common rate limit of 50 certificates per domain per 7 days" --> why would we ask for more than 50 certificates for 1 domain and 1 subdomain ? Or does it count all ovh hosted websites ?

I checked if a cron task could maybe mess with that and all I found was :
cron lets encrypt.png
Which shouldn't be enough to cause any trouble either.

Would you have any advice on how to solve this problem ?

Thanks !
 
Troll2Jeux said:
too many certificates already issued for "ovh.net". Retry after 2023-05-12T15:00:00Z: see Rate Limits - Let's Encrypt
Click to expand...
That's the problem right there. If you chose a different hostname, e.g. one based on your own domain, you can immediately issue a matching cert for it. But as the domain is seen as ovh.net, thousands of other requests are also made (by other server owners) and rates are exceeded.
 
I'm talking about ovh.net, but indeed, yes, you'll need to trade the hostname into something more personal that is not used by others.
 
Had two years ago same issue. Made a Backup and snapshot of everything, just for a step back opportunity. then I got a new subdomain connected it via dns entries to the server where plesk is and waited a day or so that new dns entries became recognized. tested the subdomain, normally it should show a plesk login site. After that switches the name in Server-Settings and then I got my SSL-Certificate.
 
You must log in or register to reply here.

Similar threads

D
Issue Lets Encrypt Not Successful over port 80
Replies
8
Views
343
Daiv
D
D
Issue Automatic renewal via SSLit doesn't work for wildcard certificates
Replies
0
Views
488
D3nnis3n
D
Hangover2
Forwarded to devs SSL It! breaks renewal and usage of Let's Encrypt wildcard certificates when subdomains are involved
2
Replies
28
Views
6K
marcoherzog
M
R
  • Locked
Resolved Assign IPv6 address to Plesk
Replies
1
Views
950
Peter Debik
P
Nextgen-Networks
Issue Lets Encrypt - error in certificate renew process
2
Replies
21
Views
2K
Peter Debik
P
Back
Top