I have to generate 30,000 new certificates for the main domain name every week

are you sure wildcard don't work? (do you need to use 4 level deep domain like api.dev.exemple.com)

1 Like

Read that documentation:

You can apply for rate-limit increase, as written there.

2 Likes

is www and @ for main domain means www.maindomain.tld and maindomain.tld with static maindomain?
rate limit increase does not increase duplicate certificate lmit. so localdrm.com skima won't work.
this feels like you are try to deploy a certificate for client's local connecton from central location.

2 Likes

a.com b.com c.com d.com e.com .... 30000 domain

I submitted an application, but I didn’t get a response or a solution, and my rate has not been changed, so I came here to ask for help.

I have to process 30,000 different domain names to generate certificates every week,
for example :
www.a.com a.com
www.b.com b.com
www.c.com c.com
.....
Until 30000-50000 integers, one certificate for each domain name, I received a rate limit, I submitted a ticket but did not get help, they may be too busy to see

for that only rate limit apply to you is 300 New Orders per account per 3 hour (so about 2400 per day) (other rate limits are about how many certificates under single domain names)per 3 hours so you'd only need about 5 accounts for new certificate and about 20 for renewals

3 Likes

Why do this?

Why not use a wildcard?

1 Like

he has like half a million base domains

I have to process 30,000 different domain names to generate certificates every week,
for example :
www.a.com a.com
www.b.com b.com
www.c.com c.com

1 Like

That's not "why".

Stuff like this is often:

  • Bad architecture
  • A company/service that should be on the PSL
  • A very large infrastructure company

We can often help people with the first two categories (and many other situations). For the latter category, working with a commercial CA on an Enterprise Contract may be the best option.

2 Likes

Let's Encrypt is used by many hosting providers? I don't understand this suggestion...

3 Likes

Hosting providers secure millions of domains on behalf of their customers.

Infrastructure providers, for example a company like Akamai, will secure thousands to millions of their own subdomains - several levels deep, under a single registered domain - for their own usage. They have highly specialized internal architectures and use-cases that typically require them to work with CAs in the context of Enterprise Contracts to procure and deploy certificates across their systems.

The use-case illustrated by the OP sounds like it may potentially be one of these systems. If that's the case, the integrations and customer support by offered by a commercial CA for that type of usage may be the best option. Those contracts often ensure access and support from sales-engineers or dedicated account integration engineers.

2 Likes

I didn't see this above? In fact, this is the opposite as OP suggested? I still don't get it.. Maybe I'm just missing something :thinking:

2 Likes

The OP's posts, to me, lack detail and suggest conflicting information. "30k new certificates for the main domain every week" sounds more like a company rolling out 30k subdomains every week, than it sounds like a company onboarding 30k new registered domains every week.

I can't tell if their usage is more like a hosting company / saas, or some sort of large internal need. Perhaps they are a webhost who are transitioning clients to LE, and forecast 30k migrations a week. Who knows? "Domain" is a nebulous term here - it could either mean "registered domain" or "subdomain". The examples with a/b/c are pretty meaningless, because numerous people have posted similar things in the past... but they used examples that did not accurately describe the situation (e.g. i've seen people post examples about different registered domains, when they were trying to handle subdomains of a single registered domain, and people citing examples of different subdomains when their production issue was with multiple domains)

2 Likes

The suggestion for many different domain names was made here: I have to generate 30,000 new certificates for the main domain name every week - #8 by Dirk.N

You're right of course that the example could be erroneous.

3 Likes

I didn't see that when I posted - likely an effect of tabbed browsing. I wouldn't trust that example had I seen it though.

2 Likes

When ?

2 Likes

About a month ago

Rudy Gomez via Let's Encrypt Community Support <letsencrypt@discoursemail.com> 于2021年11月23日周二 上午6:12写道:

We have a total of about 1.3 million main domain names, about 600,000 are in use, and approximately 6,000 new main domains are online every week

And you have managed all that from one single IPv4 address?
[Congrats on your efficiency!]

1 Like