I am using acme.sh to obtain and deploy certificates for the domains hosted on my cPanel/WHM server. My current process to issue is based on a manual support ticket creation from the customer side after they changed their Nameserver pointed to my server IP.
I chose acme.sh because cPanel’s AutoSSL seems to have limitations.
In this set-up, the Virtual Host 1 is within the 100 Names per Certificate limit. However, Virtual Host 2 exceeds that limit. From Virtual Host 3 to Virtual Host 500, there are just two domains each, and thus there is no any limit issues.
However, the total number of accounts (Virtual Host) hosted on the same dedicated server exceeded 100 and reached 500. But I don’t need to worry about the number of Virtual Hosts; I only need to look into the number of domains in a Virtual Host.
Yes, I am optimistic that typically my customers will not have such a long list of domains within their accounts.
Could you please comment on the number of Virtual Host part, where I am actually stuck?
I mean, can I have an unlimited number of Virtual Hosts use Let’s Encrypt SSL via Auto SSL without worrying about the limitations (per Virtual Hosts will have only less than 100 domains), as the limit applies to the number of domains of a Virtual Host and not the number of Virtual Hosts hosted on the same server. So all of my Virtual Hosts will have Let’s Encrypt issued Certificates via Auto SSL?
I don’t actually know how AutoSSL is combined with VirtualHosts, but from a technically standpoint VirtualHosts don’t have anything to do with Let’s Encrypt rate limits. You can combine any combination within Let’s Encrypt certificates: multiple domains (in your specific case, multiple VirtualHosts) can be combined in one single certificate. The only limit is the 100 FQDNs per certificate max.
Also, obviously, other rate limits apply. See the link in my first reply. But if every VirtualHost has its “own” domain name, and as most rate limits apply to domain names, you’ll be safe.
I don't know if there is a limit domains per virtual host. But this is not the Letsencrypt-limit.
As I know, you can only have one certificate per vHost ( cPanel & WHM Developer Portal - part about SSL) . So if your vHost has more then 100 domains, you should split it (if a wildcard certificate isn't possible).
You may also create one vHost per Domain/Subdomain, then you have only certificates with two (www.example.com + example.com) or one subdomain name.
There is another limit: You can only create 50 certificates per domain per week. So you can't create 100 subdomain-certificates in one week. In two weeks - it is possible.
Hello @Osiris and @JuergenAuer, I got a reply from the support team. The limit is for each virtual host as opposed to each IP address, which means, based on my customer data, the limits which I was worried is not valid.
I thought that, with Auto SSL, I could only secure 100/200 accounts on my Dedi.
It all went due to a misread of cPanel’s docs. I am now switching to Auto SSL and going to save much time.
Another thing is that in principle you could use more than one virtual host per customer (even though this might be unconventional for a particular work flow and require a bit more record-keeping).
