nav search
Data Center Software Security Transformation DevOps Business Personal Tech Science Emergent Tech Bootnotes BOFH

Let's Encrypt ups rate limits

20 is plenty

By John Leyden, 18 Aug 2016

Let's Encrypt has revised its rate limits to make life easier for large organisations and hosting providers who use its services.

The certificate authority set up rate limits for cert creation as a defence against hacker interference and denial of service attacks. However the limitation created problems for internet service providers hoping to roll out Let's Encrypt as part of their service offering.

In response, the non-profit-backed authority has clarified that its main restriction is a weekly limit of 20 certificates per registered domain and a duplicate certificate limit of five certificates per week.

“We’ve designed [them these rate limits] so renewing a certificate almost never hits a rate limit, and so that large organisations can gradually increase the number of certificates they can issue without requiring intervention from Let’s Encrypt,” the organisation explains in a blog post.

“If you’re actively developing or testing a Let’s Encrypt client, please utilize our staging environment instead of the production API.”

Let’s Encrypt provides free of charge digital certificates through an automated process designed to cut through complexity and cost and allow more websites to offer encrypted, secure HTTPS websites. The service, which is backed by Mozilla, Akamai and the Electronic Frontier Foundation, left beta trials in April. The operation passed the 5 million active certificate milestone on Monday. ®

The Register - Independent news and views for the tech community. Part of Situation Publishing