Something seems to have gone wrong with a Let's Encrypt configuration and I don't know how to stop it.
When I logged onto to renew a cert that is to expire in 5 days I got the error:
Failed to renew certificate inzu-mail.net with error: urn:ietf:params:acme:error:rateLimited :: There were too many requests of a given type :: Error creating new order :: too many certificates already issued for exact set of domains:
But I haven't generated any new certificates since the last time it needed renewing (about 90 days ago). I have never had trouble with this certificate.
If I look on https://check-your-website.server-daten.de it is showing certs generated at lots of irregular times over the past few weeks, sometime twice on the same day, then 5 days apart, no pattern to it. Although this started at the same time I was sent the email reminder to renew, so maybe there is a connnection?
If I look in the Let's Encrypt folder in /etc there are lots of certs and keys corresponding to those dates. But there is still only the correct set of keys and certs in the domain folder from 90 days ago as there should be.
So what is creating all these extra certificate requests?
Edit:
There is no cron for certbot but there is a system timer:
[Unit]
# Auto-generated, DO NOT EDIT
Description=Timer renew for snap application certbot.renew
Requires=var-lib-snapd-snap-certbot-1150.mount
After=var-lib-snapd-snap-certbot-1150.mount
X-Snappy=yes
[Timer]
Unit=snap.certbot.renew.service
OnCalendar=*-*-* 03:21
OnCalendar=*-*-* 16:28
[Install]
WantedBy=timers.target
