[BUG] letsencrypt too many registrations for this ip about zoraxy HOT 7 OPEN

@Korenchkin You have hit the rate limit by Let's Encrypt. You can use wildcard certificate with DNS challenge or put all the subdomains / hostname into a single certificate (i.e. generate certificate with multiple subdomains, separated by comma like sub1.example.com,sub2.example.com, (and the rest of your 17 host names).

If you are migrating from Caddy to Zoraxy (which we usually recommend advance users to move from Zoraxy to Caddy instead), you do not generate a set of new certificates. Instead, you should migrate the certificate from your old setup to the new one following this guide here.

from zoraxy.

This i understand and i had imported rest of the certificates,but in the end this bug remains,you seem to create new letsencrypt login for each certificate,otherwise i would have 1 or 2 new registration (i was testing) on my ip...

what happens on renew if i have 20 certificates ending at the same time?renew 10,fails rest and retry next day?

I.e. no cached login means new registration for each certificate,cached login means one registration for 20 certificates and no problem(or other limits might apply,but probably much higher)

Or do i understand it wrong how letsencrypt work?

from zoraxy.

@Korenchkin I don't know what do you mean by login. You do not need to login to anything to use Let's Encrypt. If you have 20 sites that needed to be served over TLS / HTTPS, use a cert that contains multiple hostname (SAN certificate). Zoraxy support generating SAN certificate via Lets Encrypt so I am not sure what is your problem here.

from zoraxy.

you don't need login,but you should use it once you get it,if you try caddy for example,create some server and find /|grep 'servername' to locate,where it is,in the same location (for me /var/lib/caddy/.local/share/caddy/acme/acme-v02.api.letsencrypt.org-directory/users/'email'/'namebefore@'. json and key,this is your login
if you create new login (i believe you create,maybe without knowing it) for each certificate,you hit limit after 10 certificates(10 new logins)
key is just small ~200bytes private key

edit: in caddy i have one name per certificate,i prefer it for security reasons(if you look on certificate,you don't know what other servers i have)

from zoraxy.

Hmmm, Lets ping the ACME module author and ask for his opinion @yeungalan .

from zoraxy.

Hi, it sounds like you hit Let's Encrypt's registration limit. Which is 10 accounts per IP address every 3 hours, to reduce the amount of repeated registration you may try to merge your domains into a single certificate and that should resolve your issue

https://letsencrypt.org/docs/too-many-registrations-for-this-ip/

from zoraxy.

checking in to improve this procedure

from zoraxy.