Rate limit for ‘/directory’ reached – error 429, 467

  • Resolved AITpro

    (@aitpro)


    2 years, 10 months ago

    In my case the cause of this problem was that I had a domain that was redirecting to another domain. The domain that was being redirected exceeded a rate limit of pending authorizations. This caused all other SSL Cert requests to fail for all other domains. To fix the problem I removed the redirect and manually requested new SSL Certs for all domains. For now I have excluded the domain that is being redirected, but that will cause a problem for that http redirect without an SSL Cert because of the way Google enforces SSL. The most logical approach is to deal with the Google SSL headache while the redirected domain is excluded in the AutoSSL plugin to allow enough time to pass in order to allow the Let’s Encrypt rate limit to fall into a limit, which does not exceed the rate limit. So I can then request a new SSL Cert for the domain that is being redirected.

Viewing 2 replies - 1 through 2 (of 2 total)
  • Thread Starter AITpro

    (@aitpro)

    Resolved

    From the Let’s Encrypt documentation page for Rate Limits

    If you’ve hit a rate limit, we don’t have a way to temporarily reset it. You’ll need to wait until the rate limit expires after a week.

    Tried this, but it did not work.

    Clearing Pending Authorizations
    If you have a large number of pending authorization objects and are getting a Pending Authorizations rate limiting error, you can trigger a validation attempt for those authorization objects by submitting a JWS-signed POST to one of its challenges, as described in the ACME spec. The pending authorization objects are represented by URLs of the form https://acme-v02.api.letsencrypt.org/acme/authz/XYZ, and should show up in your client logs. Note that it doesn’t matter whether validation succeeds or fails. Either will take the authorization out of ‘pending’ state. If you do not have logs containing the relevant authorization URLs, you need to wait for the rate limit to expire. As described above, there is a sliding window, so this may take less than a week depending on your pattern of issuance.

    Note that having a large number of pending authorizations is generally the result of a buggy client. If you’re hitting this rate limit frequently you should double-check your client code.

    • This reply was modified 2 years, 10 months ago by AITpro.
    • This reply was modified 2 years, 10 months ago by AITpro.
    Thread Starter AITpro

    (@aitpro)

    I was wrong about the cause of the problem. The problem is that cron jobs are not completing successfully due to the php error below. I am able to manually request new SSL Certificates using the “Issue and install Free SSL certificate” button. Note: In my case I had a couple of domains that were not getting new SSL certificates. So I excluded all other domains using the “Exclude Domains” tool and requested SSL Certs for each domain individually.

    PHP Version: 8.1.3

    [10-May-2022 07:00:29 UTC] PHP Fatal error:  Uncaught TypeError: Cannot access offset of type string on string in /home/xxxxx/public_html/xxxxx/xxxxx/wp-content/plugins/auto-install-free-ssl/FreeSSLAuto/src/Acme/AcmeV2.php:173
Stack trace:
#0 /home/xxxxx/public_html/xxxxx/xxxxx/wp-content/plugins/auto-install-free-ssl/FreeSSLAuto/src/FreeSSLAuto.php(199): AutoInstallFreeSSL\FreeSSLAuto\Acme\AcmeV2->obtainSsl()
#1 /home/xxxxx/public_html/xxxxx/xxxxx/wp-content/plugins/auto-install-free-ssl/cron.php(96): AutoInstallFreeSSL\FreeSSLAuto\FreeSSLAuto->run()
#2 {main}
  thrown in /home/xxxxx/public_html/xxxxx/xxxxx/wp-content/plugins/auto-install-free-ssl/FreeSSLAuto/src/Acme/AcmeV2.php on line 173
    • This reply was modified 2 years, 10 months ago by AITpro.
Viewing 2 replies - 1 through 2 (of 2 total)
  • The topic ‘Rate limit for ‘/directory’ reached – error 429, 467’ is closed to new replies.