We have an IIS server that serves a few thousand domain names (without SSL).
We want to secure those domains with SSL and are considering Caddy for that purpose, so Caddy will transfer plain HTTP traffic to IIS.
(Caddy will be installed on a separate server).

  1. Is there any limitation on the number of certificates per Caddy server?
    IIS has performance issues with +200 SSL certificates, but I couldn’t find any documentation about it for Caddy.

  2. Any other tips or best practices we should know before implementing this solution?

  1. No, Caddy imposes no such limits and performs well on servers known to host thousands of sites. But you should be aware of Let’s Encrypt’s rate limits.

  2. Aside from Let’s Encrypt’s rate limits, I recommend using just one ACME account, and be sure to use Let’s Encrypt’s staging environment for testing! You can use Caddy’s -ca flag to set the CA URL to their staging environment.

Otherwise, things should mainly just work. Use Caddy’s default TLS settings, unless you have a specific, good reason to change them.

Also, please consider purchasing commercial licenses for business use of the binaries you download from the Caddy site (building from source is free, of course); for operating at such scale as you are, you may want some support from us, the developers, as well!
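As an added example (not part of the original thread and not Caddy project code), the sketch below turns a raw domain list into a Caddy v1 Caddyfile that proxies each site to IIS, and splits the sites into batches so new certificates are requested gradually. The backend address, the batch size and the sample domains are assumptions; take the real batch size from Let's Encrypt's published rate limits.

```python
"""Added example: build a Caddy v1 Caddyfile for many domains, in issuance batches."""
import re

# Assumptions, not values from the thread:
IIS_BACKEND = "http://10.0.0.10:80"   # hypothetical IIS address
MAX_NEW_SITES_PER_BATCH = 100         # placeholder; derive from Let's Encrypt's rate limits
STAGING_CA = "https://acme-staging-v02.api.letsencrypt.org/directory"

_LABEL = re.compile(r"^(?!-)[a-z0-9-]{1,63}(?<!-)$")

def normalize(name):
    """Return a lower-cased hostname, or None if it is not a plain DNS name.
    Rejecting anything else keeps braces, spaces and newlines out of the Caddyfile."""
    host = name.strip().lower().rstrip(".")
    labels = host.split(".")
    if len(host) > 253 or len(labels) < 2:
        return None
    return host if all(_LABEL.match(label) for label in labels) else None

def clean_domains(raw):
    """Validate and de-duplicate, keeping first-seen order; return (good, rejected)."""
    good, rejected, seen = [], [], set()
    for item in raw:
        host = normalize(item)
        if host is None:
            rejected.append(item)
        elif host not in seen:
            seen.add(host)
            good.append(host)
    return good, rejected

def site_block(host, backend=IIS_BACKEND):
    """One Caddy v1 site: automatic HTTPS in front, plain HTTP to IIS, Host header kept."""
    return f"{host} {{\n    proxy / {backend} {{\n        transparent\n    }}\n}}\n"

def batches(hosts, size=MAX_NEW_SITES_PER_BATCH):
    """Split hosts into groups to bring online one rate-limit window at a time."""
    return [hosts[i:i + size] for i in range(0, len(hosts), size)]

def caddyfile(hosts):
    return "\n".join(site_block(h) for h in hosts)

if __name__ == "__main__":
    # Constructed sample input: a duplicate, a trailing dot, and two invalid names.
    sample = ["Example.com", "shop.example.com.", "example.com", "bad_host!", "localhost"]
    good, rejected = clean_domains(sample)
    print(caddyfile(good))
    print("# rejected:", rejected)
    print(f"# test run against staging: caddy -conf Caddyfile -ca {STAGING_CA}")
```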

