Issue other ACME certificates with Caddy

Caddy typically attempts to issue Let’s Encrypt or ZeroSSL certificates.
However, recently we have run into rate limiting with Let’s Encrypt, and seem to be having some trouble with ZeroSSL.

Recently, the number of other ACME certificate options has increased, so I thought it would be a good idea to use them with Caddy.

As discussed in past topics, Buypass certificates are easy to use with Caddy.

What about other ACME endpoints? acme.sh contains information about some ACME
For example, what about ssl.com ACME?:
GitHub - acmesh-official/acme.sh: A pure Unix shell script implementing ACME client protocol

I think some people are choosing Caddy to use ZeroSSL, so I think this information sharing will be useful.

Additionally, if you want to use ZeroSSL certificates with Caddy:

Yeah, you can use any ACME-compatible CAs with Caddy.

Buypass works. I’ve tested that.

Google Trust Services also works.

Some CAs will require an External Account Binding (EAB) that you’ll have to add to your config first.

But yeah, you can absolutely use any ACME CAs you’d like.

What issues are you having with ZeroSSL, exactly? Anything like this?

It might be a good idea to compile more specific information about this as a Wiki. Someone will need it.

I also had a problem issuing certificates with ZeroSSL a while ago. When I log in to my account I see the following message:

Note: Your account is holding more than 100 ACME certificates. For using the Dashboard or API with this amount of ACME certificates you have to upgrade at least to the ZeroSSL basic plan.

Related topics have been posted in the past:

ZeroSSL doesn’t mention it prominently, but it was recently secretly added to this page
(Perhaps this is their strategy to encourage you to purchase a paid plan…):

Note
In case you have more than 100 ACME certificates you need at least a ZeroSSL basic plan in order to work with those in Dashboard or API. In case you have more than 100K ACME certificates you need at least a ZeroSSL premium plan in order to work with those in Dashboard or API.

and ZeroSSL may be experiencing problems with the ACME issuance process as the number of users increases.

So I had to revert to Let’s Encrypt (=LE). As a result, (LE rate limits were somewhat relaxed at that time)
some subdomains (free domains, for example FreeDNS) were suspended.

Note: If your domain uses many subdomains and you encounter LE rate limiting, I recommend applying for LE’s rate limiting form. In many cases, LE will approve this and extend the limit.

I learned that other ACMEs have recently increased, and I was also able to get a VPS to test them. I recently tested the Buypass certificate. Some subdomains were restored at that time.

Hey there. The 100 limit only applies to the API and dashboard; we’ve got far more than 100 certs on the free plan. I went through similar issues a while back where certs were not being renewed or created. In the end I put it down to ZeroSSL issues, as having a paid account made no difference. ZeroSSL actually told me I needed to upgrade, which was not true.

Thank you for sharing your experience.
I’ll try ZeroSSL issuance with Caddy later.

Okay. I am looking at a ZeroSSL certificate issued by Caddy.
ZeroSSL certificate issued

But issuing ZeroSSL certificates took longer than other certificates. As expected, the ZeroSSL ACME server appears to be busy.
I will try using ZeroSSL and Buypass with Caddy. I’ll probably try other ACMEs as well.
Thank you for supporting ZeroSSL thus far.

We will return to the original topic in subsequent comments.

This is a known issue – unfortunately they’re bottlenecked by their software vendor.

Anyway, yeah, what would you like us to update in the docs?

The only real thing to configure is the CA URL. (And EAB if they require it. But that’s up to the CA to document, not us.)
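
The two settings mentioned in the reply above (CA directory URL and, where the CA requires it, EAB), shown as an added Caddyfile example that is not part of the original post. The directory URLs, site names, e-mail address and the environment variable names `ACME_EAB_KEY_ID` and `ACME_EAB_MAC_KEY` are placeholders chosen here; take the real directory URL and EAB credentials from your CA's documentation or account page.

```caddyfile
# Added example with placeholder values (not a real CA).
{
	# Contact address for the ACME account (placeholder)
	email admin@example.com

	# Default ACME directory for every site in this file (placeholder URL)
	acme_ca https://acme.ca.example/directory

	# Only needed when the CA requires External Account Binding.
	# {$VAR} is substituted from the environment when the Caddyfile is
	# parsed, so the MAC key is not stored in the file itself.
	acme_eab {
		key_id  {$ACME_EAB_KEY_ID}
		mac_key {$ACME_EAB_MAC_KEY}
	}
}

# Uses the global CA configured above
example.com {
	respond "served with a certificate from the globally configured CA"
}

# Per-site override: a different ACME CA for this site only
other.example.com {
	tls {
		issuer acme {
			dir https://acme.other-ca.example/directory  # placeholder URL
			eab {$ACME_EAB_KEY_ID} {$ACME_EAB_MAC_KEY}   # omit if the CA has no EAB
		}
	}
	respond "served with a certificate from the per-site CA"
}
```

The EAB MAC key authorizes certificate issuance against your CA account, so keep it in the service environment or a secrets store with restricted permissions rather than in a Caddyfile checked into version control.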

ACME and certificates currently available to Caddy and their Caddyfile settings.

This summary is great. Please create wiki pages for other similar certificates.
And here is a list of the types of certificates.

acme.sh’s README.md and Wiki are ideal.
Please disclose that many certificates can be used with Caddy.
It can be used as promotional material as a feature of Caddy.

While I don’t think it’s our job on the Caddy website to maintain a list of all RFC 8555-compliant CAs, I’ll try to emphasize on our new site that any ACME (RFC 8555-compliant) CA can be used.

Maybe we could link to https://www.acmeisuptime.com/.