It never happened to me but I’m worried it will happens to me one day with misusage on my part I will reach the cert renewal limit and risk to have my websites/apps offline for a week because of no SSL certificate.
The limit is necessary for lets-encrypt to prevent spam and fair use of lets-encrypt resources, and I think a proper usage of lets-encrypt fit 99.9999% of use cases for certificates so I think the limit should not change.
What I suggest is letting users paying a small amount like 10€, or any amount lets-encrypt deem to be reasonable to reset their limit to 0 in an automated web process in case of misusage to prevent such disaster scenario.
The process being automatic after payment would not need human intervention on the part of lets-encrypt, Please find below my proposition of process.
- A unique token should be included in the failed renewal/creation message.
- The user will copy the token from the error message to the form during the payment process to automatically identify the appropriate account/domain/address that reached the rate-limit
- after payment the rate-limit is reseted to 0 without delay.