Let’s Encrypt is a Certificate Authority (CA) that provides an easy and most straightforward way to install free TLS/SSL certificates by allowing encrypted HTTPS on web servers to make your website secure. They have roughly the same rights and authority as any other existing certificate authority on the market.
Let’s Encrypt uses rate restrictions to ensure that as many users as possible use it fairly. It is a free and open Certificate Authority (CA) with security and privacy-respecting to the web to people who want to secure their websites with HTTPS, but it also has some limitations.
The limitations are strict by Let’s Encrypt and must be followed; therefore, we must comply with them and cannot modify the limitations. In this KB, we will give you an overview of those limitations imposed by Let’s Encrypt.
- It will not give you with insurance in the tens of thousands of dollars in the unlikely event that it is hacked, but it will provide you with a secure link between your site and the visitor to your site.
- The Let’s Encrypt certificate is valid for only 3 months, but the best thing is it auto-renews before 30 days of expiration. It is pro-security as it requires a key change every three months.
(Note: Devrims also providing a 1-click option to enable/disable this feature within the Devrims Dashboard).
- If you are using an on-demand renewal process, you can renew your SSL certificate only five times per day. If you exceed the daily limit, the limit will reset after 24 hours. After renewal, your SSL certificate will be renewed for the next 3 months from the date of issuance.
- Before installing Let’s Encrypt SSL, it is mandatory to point your website to the web host. So if you have a website on Devrims server, you must point to your server IP to install the Let’s Encrypt.
(Note: We have a detailed knowledge base article on how to install free SSL certificate on your application.)
- Let’s Encrypt only issue 5 certificates per FQDN in a week. If you install a certificate for the FQDN (www.abc.com, abc.com), you can install only four more certificates for the same FQDN during the same week.
- Let’s Encrypt has a technical limitation of 100 domains per certificate. If your limit reaches the threshold, try to remove needless domains from the certificate generation list.
Note: If you’ve hit a rate limit, we don’t have a way to reset it temporarily. You’ll have to wait a week until the rate limit expires. Searching http://crt.sh, which uses the public Certificate Transparency logs, will return a list of certificates issued for your registered domain.