Yeah that’s cool. It’s really good to have multiple ACME CAs, with some feature diversity. ZeroSSL offers things that Let’s Encrypt doesn’t, like longer-lived certs (which is appealing to businesses, despite the anti-pattern), monitoring, and probably higher rate limits and such.
For example, if Caddy notices that there is a Let’s Encrypt rate limit on a domain, it may want to issue it with ZeroSSL.
It would be ideal to be able to select Let’s Encrypt and ZeroSSL certificates by domain, in case the user knows that in advance.
There are still some who are choosing paid certificates.
Let’s Encrypt is good enough for many people (especially web developers),
but there are many who are happy with ZeroSSL.
acme_ca specifies the URL to the ACME CA’s directory. It is strongly recommended to set this to Let’s Encrypt’s staging endpoint for testing or development. Default: Let’s Encrypt’s production endpoint.
Currently Caddy v2 (via CertMagic) switches to the LE staging endpoint if an error is hit, so hitting rate limits should be very rare if not impossible (as long as you have Caddy’s storage directory persisted, and as long as you don’t have multiple Caddy instances running that fetch certs for the same domains, and that are not sharing the same storage).
It is being finished. I don’t know the completion date but it’s in progress. I just know the delay is necessary to ensure full ACME spec compliance which is really important; they are working to get it right.
In order to use the ACME protocol with ZeroSSL, this is the server URL to connect to:
Connect via API Access Key
If you are using one of our Partner ACME Clients (e.g., Caddy), you will be able to connect to the ACME client using your ZeroSSL API access key. Your key can be found in the Developer section of your ZeroSSL management console.