Hi, I know that this posted already exists in the community but all of those similar posts are pretty old.
I would need an updated clarification about rate limits and renewals.
According to what I’ve read in the docs (https://letsencrypt.org/docs/rate-limits/) I understand that I can issue up to 50 certificates per week for distinct registered domains.
So let’s consider the following scenario:
On the first week, I issue my 50 first certificates for 50 differents registered domains (example1.com - example50.com)
Now let’s say that one week before the expiration of the first 50 certificates (example1.com - example50.com) I need to issue 50 new certificates for example101.com to example150.com. Will I be able to renew 50 certificates and to issue 50 new certificates on the same week?
The “Certificates per Registered Domain” limit is the opposite of that – it’s not about how many different domains you can use, it’s about how many certificates you can issue for each domain.
Issuing 1 certificate for, say "example.com and www.example.com" counts as "1 certificate for the domain example.com".
Subsequently issuing 1 certificate for “blog.example.net” counts as "1 certificate for the domain example.net".
So now you can issue 49 more new certificates for example.com and 49 more new certificates for example.net in the next week.
(A certificate that includes multiple domains counts as 1 for each domain.)
Further, renewing certificates – defined as issuing a new certificate for the exact combination of names matching a previous certificate – is excluded from the “Certificates per Registered Domain” limit.
(Renewing certificates repeatedly is limited by the “Duplicate Certificate” rate limit.)
The default rate limits allow you to issue thousands of certificates per week, limited mainly by the “300 New Orders per account per 3 hours” rate limit.
First, thanks for your answer.
If I get you, this means that I can issue 300 new certificates for different domains per 3 hours ?
So I would be able to issue from example1.com to example300.com at the same time right ?
They don’t all have to be different domains, of course.
The New Orders rate limit is an overall limit on certificate issuance regardless of which domains are included or whether you’re renewing certificates or creating new certificates.