Please fill out the fields below so we can help you better. Note: you must provide your domain name to get help. Domain names for issued certificates are all made public in Certificate Transparency logs (e.g. https://crt.sh/?q=example.com), so withholding your domain name here does not increase secrecy, but only makes it harder for us to provide help.
My domain is: MIT.EDU
I ran this command:
It produced this output:
My web server is (include version):
The operating system my web server runs on is (include version):
My hosting provider, if applicable, is: Squarespace
I can login to a root shell on my machine (yes or no, or I don’t know):
I’m using a control panel to manage my site (no, or provide the name and version of the control panel):
The version of my client is (e.g. output of
certbot --version or
certbot-auto --version if you’re using Certbot):
I am a network admin at the above domain’s institution. A number of our users have
departmental and group websites hosted at Squarespace. Starting about a year or so ago, we’ve been seeing chronic issues with delays in securing those sites with SSL certificates when the site owner wants to use an MIT.EDU name for the site.
Squarespace help staff flail around for a long time, asking for microscopic changes in the DNS info we’ve created (compliant with their requirements), and occasionally they’ll indicate, when pressed, a claim that Let’s Encrypt certificate requests are failing.
On rare occasions, the certificate is issued within a few hours, on other occasions, the site limps along as “insecure” for months.
When I’ve done the search on this site for certificate issuances for MIT.EDU, I can’t see anything that would indicated a frequency of issuance which would trip the limits. Beyond that I have no visibility into the process. Squarespace won’t even talk to us about specific sites since we’re not the site owners, the individual lab or group owns the site.
Is anyone here able to tell me whether there’s in fact a rate limit we’re hitting for MIT.EDU?