Hacker News
by jrochkind1 3788 days ago
Ah, I didn't catch that this limit was applied to the TLD+1.

Weird, why allow a generous 500 registrations per 3 hours, while limiting certs per domain like this? Anyone have a link to anywhere that letsencrypt explains what they are trying to do here?

1 comments

Registrations don't cause a lot of load. They're essentially just one row in a table.

Certificates have to be signed by a Hardware Security Module with limited capacity. OCSP messages have to be signed every couple of days for the lifetime of a cert by the same HSM. This is significantly harder (and more expensive) to scale.