Hi, i’m trying to contact Let’s Encrypt because to see a way to change the limit of the certificates, but i’m getting no answer, so i’m trying to get a solution here.
We will launch a new e-commerce, and we want to use Let’s Encrypt for the SSL certificates… when a user creates a store, still in trial mode, we will provide a subdomain of our e-commerce, but that goes to a wildcard certificates on our domain.
The problem is when the customer subscribe our solution, and register is own domain on our ecommerce solution, when the first customer enters on that domain, we are generating a new certificate on that server for that domain, the problem is that the limits are to short to a e-commerce solution.
Which limits are in the way? What certificates are you issuing? And how many?
If you’re issuing one certificate for a subdomain of your customer’s own domain, that’s not likely to be a problem, unless the customer has already issued 50 new certificates for their domain, or 5 duplicate certificates for your subdomain, in the last week.
Is the “300 New Orders per account per 3 hours” a problem? Are you adding that many customers that quickly?
There’s a link to the form to request a rate limit increase on the rate limit page:
So, help me building the best solution, because you are right, that’s really not a problem:
Imagine that i have the domain ecommerce.com, and my customer registry and is store will be generated on hisstore.ecommerce.com, that’s not a problem because if we work with an wildcard, every stores will work under that wildcard.
After that, we will put his own domain hisstore.com, and when a customer enters in the first time in that server, the certificate is generated.
My question is, we should work everything and every domains over the same account, or in each domain a new account is generated? How the accounts work, can you explain me?
Ultimately, how it works is up to you. An ACME client will probably register an account the first time you run it on a server, and then use that account for all certificates for all domains. You can stick with that, or do something else.
If all of the accounts are under your control, there's no need to use different accounts for different domains. And there is an account creation rate limit.
The integration guide has some discussion of accounts: