ACMEv2 - 300 new orders per 3 hours limit


#1

I’m looking to request a few thousand certificates for the first time (and then renew them in monthly intervals) via ACMEv2, but this limit seems to a bit harsh in my case. Do I have to rate-limit my client to not request more than 1.66 certificates per minute for the initial run?

Is this something the rate-limit form can help with or should I switch to ACMEv1? I don’t expect too many new certificate orders after the initial run.


#2

I’m not a Let’s Encrypt employee, but I would think rate limiting sooooo many certificates a little bit would be appriciated so the load on Let’s Encrypts systems doesn’t peak so much, wouldn’t you think?


#3

a little bit

With that limit, I can only request 1 certificate in a 36 second timeframe which seems a tad low, no?

Also, my client (dehydrated) does not really support going that slow. In serial execution on a single process, I estimate one challenge to take around 10 seconds maximum, so I’d have to find a way to artificially slow it down.

My initial plan was to run 8 parallel client processes, which is still far below the 300 pending authorizations limit.


#4

Hi @silverwind

I don’t understand the problem. Create a list, then step by step, wait 30 - 40 seconds between two certificates.

One user shouldn’t produce too high spikes.


#5

Not really, no.

man sleep


#6

Create a list, then step by step, wait 30 - 40 seconds between two certificates.

Guess that’s what I’ll do.

It just kind of goes against the design of my client which I feed a list of domains and which then serially request certificates as fast as possible, which is around 5-10 seconds per certificate.


#7

Hi @silverwind,

Two other options might be


#8

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.