How subdomains limit counts

I have site with domain - domain.com
I have several servers with nginx with sub domains
I want to generate them with letsencrypt

I read about rate limit. https://letsencrypt.org/docs/rate-limits/
So If i will generate 2 certificates like this:
sudo certbot certonly -d client1.domain.com --standalone --keep-until-expiring --agree-tos
sudo certbot certonly -d client2.domain.com --standalone --keep-until-expiring --agree-tos

Will it be counted as 2 requests it “Certificates per Registered Domain” or as one?

Hi @ivan133,

That is two certificates for the purposes of the rate limit.

1 Like

If you combine both subdomains in a single certificate by using the -d option twice in the same certbot command, you’ll get a single certificate which will count as just one.
You can enter up to 100 (sub)domain names in a single certificate.

Thank you for your patience guys.

But now I’m a bit confused - how exactly rate limiting work?
Is it per server?

For example, can I generate 20 certs on one server (test1.domain.com, test2.domain.com) and 20 on the second on the same week.

It’s per domain name, rather than per server. If the other server uses example.com instead of domain.com, that’s a separate rate limit. If the other server also uses domain.com, that’s the same rate limit.

Is there a way to add this info to FAQ or maybe to page about rate limiting so idiots like me won’t steal your time next time?

I thought that was pretty well covered by this part:

The main limit is Certificates per Registered Domain, (20 per week). A registered domain is, generally speaking, the part of the domain you purchased from your domain name registrar. For instance, in the name www.example.com, the registered domain is example.com. In new.blog.example.co.uk, the registered domain is example.co.uk. We use the Public Suffix List to calculate the registered domain.

What do you think? Do you see a way this could be improved?

I think we need give example.
Something like this:
Please note that these restrictions are per Registered domain - they do not apply to servers or different domains - only to the domain and its subdomains.
So, for example, if you have domain.com and domain2.com you can register 20 certificates per week for each of these domains.

Another way is to add it FAQ.
I have 30 1st level domains can I generate the certificate for them at once?
Yes, you can we restrictions are per Registered domain, they apply to each domain individually.

Now I see that the answer is pretty obvious, but I think if we do it it can really help new people a lot.

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.