Do you really want all domains on one certificate though the size for RSA 2048bit would be larger and there would be performance overhead (well until LE supports ECC 256bit with smaller cert related file sizes than RSA2048bit)
I use wildcards on my main domain and have quite some actively used subdomains. I would like wildcards, but as this doesn’t seem to happen anytime, i would like the limits per domain raised to 20-50 subdomains. Is there any problem in granting more certs per domain? The number of certs does not change, when i would need to buy more secondlevel domains for example, just to get the needed certificates. So the limit on subdomains seems a bit arbitrary, now that letsencrypt went public.
Yeah I’ve been this problem also. Seems to me that I’ll have to wait until restrictions are lowered after the beta phase -> Thread
It’s kind of annoying that I cannot renew my cert now as restrictions are applying also to certs that have already been issued to a dyndns subdomain.
When i start a new project, i need a certificate with the new subdomain in it. This means, i need a new certificate, independend from if i want to add a domain to the common certificate or if i want a certificate just for the new subdomain. So i would now need to request a new cert for the new subdomain now, and at the next renewal time i need to remember to add the new subdomain to the common certificate.
But both do not really help, when i hit the API limit and want now to add a new subdomain (either as single cert or as new common cert with one subdomain more), which will only work after 60 days. Which effectively means, that my new project is for 60 days only available unencrypted.
And on the other hand, it may be not wanted to have all subdomains on the same cert.
It is also impractical for independend configuration of the subdomains.
For example i use a configuration for my webserver, where i can do touch sites/newdomain and the needed stuff (webroot, log directory, server configuration) is created on reload of the webserver. I thought about adding “add letsencrypt certificate” there, but this will not work with the limit.
I see the point in some limit, but i think it should be like 50-100. Who needs more than 100 subdomains may want to buy a wildcard certificate somewhere anyway. But a moderate number of subdomains should be possible. So better a global domain limit than a subdomains-per-domain limit. It should not make any difference, if i sign 100 domains or 100 subdomains.