Hello,
We are a domain company that’s been in business for over 10 years and manages over 1M domain names on our DNS server.
We’re looking to provide SSL/HTTPS support via LetsEncrypt, however the default rate limit is far too low to ever allow for supporting SSL on all of our managed domains.
Many of our competitors already have received a rate limit increase via LetsEncrypt. We’ve submitted the rate limit increase form about 1-2 weeks ago, but have yet to hear back. Please advise, thank you.
Hi @mattnet,
Which rate limit(s) do you expect to hit in your issuance? Are you planning to cover each domain with a single certificate, or combine multiple domains within a single certificate?
If you combined 100 domains per certificate, the most relevant rate limit would be the New Orders Per Account limit, which would allow you to cover up to 240000 domains per day with a single ACME account (or 120000 domains per day if you included the www subdomain for each domain). (I realize that this may not give you the flexibility you need and you may need a rate limit adjustment anyway.)
At this rate, you could potentially cover a million domains with one ACME account in less than a single work week, and you can also choose to have multiple ACME accounts to speed up the issuance even further.
Hi @schoen
Greatly appreciate your response and help!
We plan to cover each domain with a single certificate. If we combine multiple domains, if not mistaken, the multiple domains would be visible on the ‘View Certificate’ info setting of any browser, am I correct?
A single account would work in this case, but again, the issue will be if the cert shows multiple domains in the cert. Any ideas?
If it does, we’d simply appreciate a rate limit increase which would solve this issue.
Yes, if you combine multiple domains in a single certificate, a user examining the certificate in the browser would see that all of those domains are present on that certificate.
Without combining them this way, I do imagine that you would hit the New Orders Per Account limit and only be able to cover 2400 domains per day with a single ACME account. You could get around this by making more accounts, but this might be less convenient.
I hope you’ll get a reply on this thread or by e-mail to your rate limit adjustment request. If you don’t get a reply in another week, please ask here again and we can ask some Let’s Encrypt staff members to check on it. Thanks!
Right the 2400/day per account would be too low. We rather use a single account to make things easier to manage and keep track of.
I’ve created the ticket 2-3 weeks ago. Will continue waiting and update this thread in another 1-2 weeks if no response. Thanks
Hi Mattnet,
I DM’ed you to follow up.
Thanks!
-JP
This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.