Will it be possible to get SAN certificates?
1 Like
Yes, that is going to be a readily available option in the client, and fully supported by the CA.
3 Likes
Youâre encouraged to put as many names into a given SAN as you like. Boulderâs current default limit is something like 1000 (see âmaxNamesâ in boulder-config.json), though Letâs Encrypt hasnât announced their limit yet.
Still, itâs probably going to be pretty big.
2 Likes
What are the limits at the X.509 level? Are there any additional limits from the Certification Policy or the Baseline Requirements?
1 Like
The Baseline Requirements, version 1.3.0, section 7.1.4.2.1 only specify that the SAN exist and have the CN as an entry, there is no upper bound. RFC3280, section 4.2.1.7 defines it as a SEQUENCE SIZE (1..MAX) which means itâs implementation independent. For Firefox, for example, it appears that the max is not enforced so much the number of SAN entries, but rather the total size of the certificate.
We may see compatibility issues if we try a huge SAN, but itâs probably easiest to find out by trying, and if it doesnât work, asking the client to reissue two certs instead of one only takes a few minutes.
1 Like
This would be a great area for community research. If someone can find out the max certificate sizes for various common clients (Firefox, Chrome, IE, Safari, Java, mobile browsers), the client can suggest a default size limit that will maximize compatibility.
1 Like
I keep reading SAN and thinking you need a certificate for your storage-area network 
4 Likes
Iâd bet most TLS client implementations will parse quite a few SANs before failing, the real issue seems to be choosing a number that avoids unnecessarily bloating the size of the certificate itself. A good example here can be taken from Cloudflare who bundle SANs for their âUniversal SSLâ service into a single certificate and seem to have a limit of ~47 SANs per cert.
1 Like
Based on a quick test openssl with happily parse a cert with over 1000 SANs.
1 Like
Unrelated to LE specifically: as @roland mentioned, having a huge certificate (with lots and lots of SAN entries) will â AFAIK â bloat the transfer size required for each SSL handshake, and will be bad for performance, so I wouldnât really recommend that.
4 Likes
true indeed.. but that's what ECC 256bit SSL certs are good for too = smaller sizes 
By SANs you mean LE will issue a certificate as follows:
CN=domain.com
SANs=www.domain.com, otherdomain.org, www.otherdomain.org
So, my question is: will we be able to add completely different domains as SANs?
Yep, as long as all domains included pass validation.
I was able to get a certificate with 85 domains live. Then I went for 165 and got this error back:
Error signing certificate: 400 {âtypeâ:âurn:acme:error:malformedâ,âdetailâ:âError creating new cert :: Certificate request has 165 names, maximum is 100.â,âstatusâ:400}
Is this a limitation of the client Iâm using or a limit from somewhere else?
Thanks - this is a great project!
This is a limitation set in Boulder, the certificate authority server of Letâs Encrypt. Thereâs no way to bypass that. Perhaps theyâll raise the limit to something else, but at this time, itâs set to 100.
You can find the piece of code in the source code of Boulder on GitHub:
https://github.com/letsencrypt/boulder/blob/master/ca/certificate-authority.go#L274
1 Like
Things can get a bit weird with some clients when the SAN field gets too big.
1 Like
Which is why it would be nice if we could put wild card entries into the SAN (i.e. *.domain.com, *.domain.net, domain.net, *.domain.org, domain.org)