Description
The article describes the meaning of the error message 'Error creating a new order :: too many certificates already issued for: <domain.com>' while creating a new ACME certificate.(Let’s Encrypt).
Scope
FortiGate.
Solution
Let's Encrypt ACME is a free service. The main limit of Certificates per Registered Domain has been limited (50 per week). A registered domain is, generally speaking, the part of the domain that was purchased from the domain name registrar.
For instance, in the name www.example.com, the registered domain is example.com. In new.blog.example.co.uk, the registered domain is example.co.uk.
Use the Public Suffix List to calculate the registered domain. Exceeding the Certificates Per Registered Domain limit is reported with the error message of too many certificates already issued, possibly with additional details.
For example, if the 50 certificate limit has been reached for the 'fortiddns.com' domain in a week then the below error would be shown.
'Error creating a new order :: too many certificates already issued for: fortiddns.com'
A similar error may be shown for repeated attempts from a certain device over a short period. After 5 unsuccessful attempts to register a certificate with Let's Encrypt, a timeout of 1h can be observed and enforced by Let's Encrypt.
For more details refer to the Let's Encrypt Article:
