Too many certificates already issued for: startdedicated.de

Huskynarr · January 3, 2016, 2:54pm

Too many certificates already issued for: startdedicated.de

The Domain startdedicated.de is from PlusServer AG. German Hoster. How we can resolve this? Because a lot auf Servers run under this Names.

All Servers at Easy Server Customer get Server with hostname/Domain as servername.domain.tld.
There are more than 100 Server at the same Time.
How can be solve this?

schoen · January 3, 2016, 7:19pm

One option would be to add startdedicated.de to the public suffix list.

I think it’s an appropriate use of the public suffix list to include a domain where customers of a hosting company are given individual subdomains, although I’m not positive whether there’s an existing precedent for that. It has definitely been used for free dynamic DNS services where people can simply request subdomains. Let’s Encrypt would not apply the rate limit across subdomains of startdedicated.de if it were listed this way.

sahsanu · January 3, 2016, 8:24pm

The other option is wait just a few days, seems Let's Encrypt is preparing some kind of request form to avoid the rate limits.

afcady · February 15, 2016, 11:58pm

Be notified that the Public Suffix List is currently closed to new registrations, because of the large number of registration requests related to Let’s Encrypt.

This has been so since early December (at least).

Ref: https://github.com/publicsuffix/list/pull/64#issuecomment-168995305

schorsch3000 · February 16, 2016, 9:53am

a few days?
I am waiting a few days since early January

weppos · February 16, 2016, 10:07am

@schorsch3000 the PSL is not here to serve just you and Let’s Encrypt. The PSL project has been alive for at least 9 years, and funny enough it seems the entire world just discovered it these months because they are being rate-limited by Let’s Encrypt. Providers had years to request the submission to the PSL but they didn’t, so I hope you don’t mind if we are taking a little bit of extra time to make sure we continue to deliver an affordable service for the entire community.

As one of the contributor to the PSL, I’m thrilled that Let’s Encrypt decided to use the list. This is a sign that they value the project and recognize the quality of the list. And we strive to continue to maintain such level of quality. Quality requires time, and there’s a lot of other things we’re working on about the PSL that will increase the stability of the list and have higher priorities for us.

I understand your needs and believe me, we feel the pressure, but we also want to make sure we don’t make stupid errors in the process. As you probably know, pressure and urgency are bad advisors.

The implications of being in the list should not be underestimated. The list is used by the majority of browser vendors, therefore there may be side effects on how the domain is interpreted that a lot of newly submitters may not be fully aware of. We need to make sure that before they get on the list, they are fully aware of them. We had proof that some people were not, as they were only attracted by the need of bypassing rate-limiting to get a free Let’s Encrypt certificate.

Since your interest seems to be specific about Let’s Encrypt, you may also want to take a look at the comment I posted here. I think the comment equally applies to any PSL request that is LE-centric https://github.com/publicsuffix/list/pull/107#issuecomment-184602303

I appreciate your understanding.