Does the rate limit gets increased when expand an existing certificate


#1

Hi Folks,

for example my base domain is example.com.

I already have an certificate for example.com, www.example.com and foo.example.com.

Now if I want to add hello.com to my existing example.com certificate within --expand.
Does this increase the limit of example.com and/or hello.com?

Thanks,
Sairahcaz


#2

Not that I am aware of as you are simply expanding your certificate


#3

The expanded certificate covers example.com, www.example.com, foo.example.com and hello.com. Therefore (as I understand it) it will be counted as:

  • 1 certificate against the rate limit for example.com
  • 1 certificate against the rate limit for hello.com

The fact that you used --expand is irrelevant; that option is internal to Certbot and the CA does not know or care about it - it will simply give you a new certificate.


#4

@jmorahan is absolutely spot on

You are issuing a new certificate therefore Rate Limits Apply

If you are interested in further reading in the area and proof of this behavior review:

Andrei


#5

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.