Rate limit increase for renewals in 3 hour timeframe

Hello,

Due to a script failure, our renewals for our production/customer sites had failed for a period of time resulting in a large backlog of certs needing renewals.
While trying to clear this backlog and minimize impact on our customers, we are hitting the renewals limit per 3 hour timeframe forcing us to make this urgent request for a rate limit increase specifically on renewals within a 3 hour timeframe.

A request for rate limit increase was submitted on Friday, April 10th, and we would like to have confirmation that the increase was applied to our account.

We will very much appreciate your quick response to this query.

Thank you very much!

There’s no such thing as a distinct “renewals per 3 hour” rate limit. I’m guessing you’re referring to the “300 New Orders per account per 3 hours” rate limit (with the “too many new orders recently” error message)?

If so, personally I would say, even with a rather large backlog, 300 renewals per 3 hours is a lot of certificates you can renew in a rather short time frame. That’s 2400 certificates a day!

I could think Let’s Encrypt would like to keep this rate limit in place so you won’t stress the service too much. It’s quite costly in terms of resources (HSM) to issue a certificate.

Hi @UB-IT

how many certificates need a renew?

I don't think that a temporary script problem is a reason to increase the rate limit. That's a temporary problem you should fix.

Sounds like your setup is wrong. You should renew certificates if they are max. 30 days valid.

So you have more then 20 days to fix that.

Thank you @Osiris!

Yes. Apologies for the inexact language language.
Unfortunately, that limit does not allow clearing a backlog of almost 30,000 renewals in 72 hours.

I agree with the service resources being costly, however this is an extenuating situation and hence the request to assist us in overcoming it.

We rarely ever approach the current limits in normal operations.

Thank you for your response @JuergenAuer!

As I mentioned to @Osiris, this is an extenuating circumstance cause by a series of internal events.
I am not going to waste anyone’s time here with the details of what has led to this situation, but rather need some assistance from LE’s team to resolve our current issue which is the large number of backlogged renewals.

It's not.

Create a new account, then start to renew your certificates.

One certificate renew, then sleep 50 seconds, then the next.

So you can create 1 certificate per minute, 180 certificates in three hours without hitting the 300 new orders per 3 hours.

60 certificates per hour = 1440 per day, 30000 / 1440 = ~~ 20 days.

So use two new accounts and all certificates are renewed in 10 days.

Read

If you are a large hosting provider or organization working on a Let’s Encrypt integration, we have a rate limiting form that can be used to request a higher rate limit. It takes a few weeks to process requests, so this form is not suitable if you just need to reset a rate limit faster than it resets on its own.

"a few weeks".

We can always ping @lestaff and hope they can be of service.

This however reminds me of a beautiful (IMHO :stuck_out_tongue:) Dutch saying: "Wie zijn billen brandt, moet op blaren zitten."

Hahahaha... and we certainly feel the burn.

Thank you!
We are aware of all this info and it does not help in this situation.
Normally we would be going through support or our dedicated account manager for the service we seek assistance with.
I am hoping that someone from @lestaff could connect with us directly to help.

Using multiple accounts might help you. Assuming you don't need 30 000 certificates for just a few domains obviously.

Hi @UB-IT,

Sending you a DM for more information about your rate limit adjustment request.

Best,
Jenessa

3 Likes

Thank you so much @jple!

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.