I am working on a blog/CMS SaaS platform and have a need to host potentially thousands of custom customers domains.
Checking how Wix and SquareSpace are doing it I noticed they use Let's Encrypt for millions of custom domains.
Digging more into it I found Let's Encrypt has strict api limits, notable limits are 5 renewals per week, 50 requests per week, 10 Accounts per IP Address per 3 hours
How is it possible to use Let's Encrypt for SaaS platform custom domain service like Wix or SquareSpace?
It depends, the limits generally relate to a specific domain, so the 50 limit is 50 subdomains (not 50 domains) so if you are really using customer domains then it generally wouldn't apply. You do need to be careful renewing the exact same cert multiple times (the 5 per week limit).
If you think you really need a rate limit increase you can apply for one, the form is linked from the rate limits page.
That part sounds misstated or possibly taken out of context.
If you are somehow renewing the exact same set of names (over and over), yes, the system will stop you after five duplicate renewals within the same week.
The main limit impacting you would be
300 New Orders per account per 3 hours
combined with the one on account creation, maybe.
Limits on domains and renewals should not apply to you if you issue certificates responsibly.
Large-scale users should also read and fully understand the Integration Guide.
As others are saying, just based on your description it's unclear which rate limits you're specifically worried about hitting.
This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.