Rate Limit Management

1 min read SSL/TLS & Certificates

Rate Limit Management

Let's Encrypt implements rate limits preventing abuse. Understand limits to avoid blocking:

  • Certificates per Registered Domain: 50 per week
  • Duplicate Certificate: 5 per week
  • Failed Validation: 5 failures per account, per hostname, per hour
  • Accounts per IP: 10 per 3 hours
  • New Orders: 300 per 3 hours

Work around rate limits:

# Check rate limit status
curl -s https://crt.sh/?q=example.com | grep "Let's Encrypt" | wc -l

# Use staging environment for testing
certbot certonly --staging --webroot -w /var/www/html -d example.com

# Combine multiple subdomains in single certificate
certbot certonly --webroot -w /var/www/html \
  -d example.com \
  -d www.example.com \
  -d api.example.com \
  -d blog.example.com

# Rate limit recovery strategy
# 1. Wait for limit reset (usually 1 week)
# 2. Use alternative CA temporarily
# 3. Request rate limit increase for large deployments