Add SAN certificate batching to prevent Let's Encrypt rate limits#185
Open
mhenrixon wants to merge 1 commit intobasecamp:mainfrom
Open
Add SAN certificate batching to prevent Let's Encrypt rate limits#185mhenrixon wants to merge 1 commit intobasecamp:mainfrom
mhenrixon wants to merge 1 commit intobasecamp:mainfrom
Conversation
Batch up to 100 domains into a single SAN certificate, regardless of their root domain. This dramatically reduces certificate requests: - 1000 domains = 10 certificates instead of 1000 - Avoids the 300 orders/3 hours rate limit Features: - SANCertManager with HTTP-01 challenge support - Automatic domain batching (up to 100 per cert) - Certificate persistence and state management - CLI flags: --acme-email, --acme-directory
mhenrixon
force-pushed
the
san-certificate-batching
branch
from
93ab6a7 to
b82694e
Compare
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
1 participant
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Batch up to 100 domains into a single SAN certificate, regardless of their root domain. This dramatically reduces certificate requests:
Features:
The reason for this PR is that I had to switch to Traefik for some projects due to long domain lists. It so unnecessary so I figured I take a stab at fixing it. If you are interested it would be a great addition.
I have another PR in the works for allowing wild card certificates and using domain providers with a token to generate certificates. I am still not pleased with those changes but this would serve an immediate need.