Issue other ACME certificates with Caddy

Caddy typically attempts to issue Let’s Encrypt or ZeroSSL certificates.
However, recently we have run into rate limiting with Let’s Encrypt, and seem to be having some trouble with ZeroSSL.

Recently, the number of other ACME certificate options has increased, so I thought it would be a good idea to use them with Caddy.

As discussed in past topics, Buypass certificates are easy to use with Caddy.

What about other ACME endpoints? contains information about some ACME
For example, what about ACME?:
GitHub - acmesh-official/ A pure Unix shell script implementing ACME client protocol

I think some people are choosing Caddy to use ZeroSSL, so I think this information sharing will be useful.

Additionally, if you want to use ZeroSSL certificates with Caddy:

Yeah, you can use any ACME-compatible CAs with Caddy.

Buypass works. I’ve tested that.

Google Trust Services also works.

Some CAs will require an External Account Binding (EAB) that you’ll have to add to your config first.

But yeah, you can absolutely use any ACME CAs you’d like.

What issues are you having with ZeroSSL, exactly? Anything like this?

1 Like

It might be a good idea to compile more specific information about this as a Wiki. someone will need it.

I also had a problem issuing certificates with ZeroSSL a while ago. When I log in to my account I see the following message:

Note: Your account is holding more than 100 ACME certificates. For using the Dashboard or API with this amount of ACME certificates you have to upgrade at least to the ZeroSSL basic plan.

Related topics have been posted in the past:

ZeroSSL doesn’t mention it prominently, but it was recently secretly added to this page
(Perhaps this is their strategy to encourage you to purchase a paid plan…):

In case you have more than 100 ACME certificates you need at least a ZeroSSL basic plan in order to work with those in Dashboard or API. In case you have more than 100K ACME certificates you need at least a ZeroSSL premium plan in order to work with those in Dashboard or API.

and ZeroSSL may be experiencing problems with the ACME issuance process as the number of users increases.

So I had to revert to Let’s Encrypt (=LE). As a result, (LE rate limits were somewhat relaxed at that time)
some subdomains (free domains, For example FreeDNS) were suspended.

Note: If your domain uses many subdomains and you encounter LE rate limiting, I recommend applying for LE’s rate limiting form. In many cases, LE will approve this and extend the limit.

I learned that other ACMEs have recently increased, and I was also able to get a VPS to test them. I recently tested the Byepass certificate. Some subdomains were restored at that time.

Hey there. The 100 limit only applies to the API and dashboard, we’ve got far more than 100 certs on the free plan. I went through similar issues a while back where certs were not being renewed or created, in the end I put it down to ZeroSSL issues as having a paid account made no difference - ZeroSSL actually told me I needed to upgrade which was not true.


Thank you for sharing your experience.
I’ll try ZeroSSL issuance with Caddy later.

Okay. I am looking at a ZeroSSL certificate issued by Caddy.
ZeroSSL certificate issued

But issuing ZeroSSL certificates took longer than other certificates. As expected, the ZeroSSL ACME server appears to be busy.
I will try using ZeroSSL and Byepass with Caddy. I’ll probably try other ACMEs as well.
Thank you for supporting ZeroSSL thus far.

We will return to the original topic in subsequent comments.

This is a known issue – unfortunately they’re bottlenecked by their software vendor.

Anyway, yeah, what would you like us to update in the docs?

The only real thing to configure is the CA URL. (And EAB if they require it. But that’s up to the CA to document, not us.)

ACME and certificates currently available to Caddy and their Caddyfile settings.

This summary is great, Please create wiki pages for other similar certificates.
And here is a list of the types of certificates.’s and Wiki are ideal.
Please disclose that many certificates can be used with Caddy.
It can be used as a promotional material as a feature of Caddy.

While I don’t think it’s our job on the Caddy website to maintain a list of all RFC 8555-compliant CAs, I’ll try to emphasize on our new site that any ACME (RFC 8555-compliant) CA can be used.

Maybe we could link to

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.