Hacker News
by GhotiFish 3612 days ago
This 100% blocked me. I tried to work around it by using Let's Encrypt to provision me certificates on the fly, but I got rate limited.

Then I started speccing out a way to get single certs for many subdomains in one request using SAN, and the whole thing looked like it would require more development time compared to just buying a wildcard cert. Very frustrating.

1 comments

I mean, it kind of makes sense, doesn't it? If you need enough certs (> 20 per week) to hit the rate limit, you're probably running some sort of business -- in which case you probably shouldn't be depending on a free service and can likely afford the cost of wildcard certs.

I'm not running a business. I'm writing an open source library that needs certs because browsers are banning features unless served from HTTPS.

http://docs.happyfuntimes.net

One cert per game * one hit game = need 10s of thousands of certs. But even without a hit game, a single game jam would hit the limits.

For reference, here is an example of a similar problem and solution, but it required $$$$$$

https://blog.filippo.io/how-plex-is-doing-https-for-all-its-...

PS: I know this is not a problem with Let's Encrypt. They are not trying to solve this problem.

It is a problem that needs a cheaper solution at least for open source projects.

    > It is a problem that needs a cheaper solution at
    > least for open source projects.
Maybe: games.example.com/foobarbarz instead of foobarbaz.example.com?

How would this help? Like Plex, each game is running a local webserver on a user's home computer/Apple TV/Android TV/etc. It's those devices that need the certs in order to serve content to browsers on players' smartphones.