Hey, Let's Encrypt, team!
We love your product and have moved a good bit of our stack and developer workflow to let's encrypt. Although we've been using it for over a year, we just started to hit the 50 requests for a top-level domain per-week limit. A teammate submitted a ticket to raise the limit for our domain. Is there any way we can expedite this? As a temporary solution, I've moved non-production requests to the staging API.
Thanks for your help!
Hi @cmcgalliard, and welcome to the LE community forum 
I don't think there is any way to expedite such requests.
"non-production" requests should always go to staging - that should be a permanent change.
You could also try using an alternate domain name - does your "company" control any other name(s)?
You mean using the rate limit excemption form? When did you apply? It can take a while unfortunately, as it's a manual process and the actual Let's Encrypt team is rather small (most users on the Community are "just" voulunteers not associated with LE itself).
We're considering alternatives here for sure but for the time being, we'll use the staging infrastructure, we've not hit this limitation before.
We applied this week - totally get it the limitation and the LE being small! We are super thankful for the tool ya'll provide
Just thought I'd ask, because you never know until you ask sometimes, thank you both for your quick and helpful responses.
You should count on "a few weeks".
Thanks!
I think you are misinterpreting @rg305's point – the ability to use LetsEncrypt's staging environment instead of production in your implementation is highly indicative of an anti-pattern being leveraged in at least some of your deployment. While LetsEncrypt will approve rate-limit increases for organizations that require such an increase, the details you have shared imply you do not actually require a rate limit increase because you are using the service incorrectly.
Please be respectful of let's encrypts resources. Every certificate you issue expends some resources and requires sufficient OCSP capacity be reserved to serve requests for the lifetime of that certificate.
Staging does not have these limitations. Operating a CA is expensive and the least you could do is follow best practices.
Hey,
Thanks, @ski192man and @jvanasco I was trying to avoid going into detail but yeah, we're going to adjust how we are using our cert process in our non-production environments.
This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.