I am having trouble registering subdomains to my project.

My subdomains are registered on Cloudflare, and I have the necessary configurations set properly. (Inserted CNAME record pointing to cname.vercel-dns.com)
The first 50 or so domains were successfully registered without much waiting time, but after that, I’ve been only able to register successfully once every 3-5 hours.
The domains I try to register gets stuck on “Generating SSL Certificate…” for several hours.
Are there any usage limits?

image1336×1058 81.1 KB

I have tried disabiling/enabiling Cloudflare Proxy but it doesn’t seem to matter, as I was able to register the first 50 with Proxy turned ON, and a few with Proxy turned OFF.

SCR-20241017-h7d1372×1494 191 KB

I have to register around 160 more domains to this project, and I need it done during this week.
Any help or guidance is appreciated.

Current versus Expected behavior

Current: Domains are stuck at “Generating SSL Certificate…”. It seems to register only once every 3-5 hours.

Expected: Domains are registered instantly without any limits.

Hey,

We can’t investigate if you hide your domain. Could you share the domain with us?

Hi,

My apologies.

image1166×1108 68.4 KB

These were registered successfully 2hours ago, but again they took around 2 hours to complete.
I’m planning to test around 10 more in a few hours, and 50 later on.
If possible, I want to register around 150 domains in one go.

I’m curious if there is a certain limit to the number of domains you can register (or SSL Certificates vercel can generate) within a set amount of time?

Yes you can create maximum 50 SSL cert per domains in an week: Rate Limits - Let's Encrypt.

You should consider using wild card domain so that one *.example.com certificate can be used for all similar subdomains.

I see.
Is Let’s Encrypt rate limit the only problem here?

Thank you for your suggestion, but it is difficult for us to use the wild card domain as we would have to migrate our domains from Cloudflare to Vercel. There are other active services using multiple different subdomains, and we do not have the time to migrate all.

Are there any workaround to this rate limit? If 50 is the maximum per week, it would take us at least 3 weeks to complete registration of all sub domains and that is far from ideal.

It seems like the limit is not strictly 50, as I was able to register 5 or 6 more after I registered the first 50.

Right now I’m trying to add 8 more domains:

image926×1446 122 KB

Thanks.

Is Let’s Encrypt rate limit the only problem here?

Yes this is the problem. I found following errors in logs

too many certificates (50) already issued for "bestbeerjapan.com" in the last 168h0m0s, retry after 2024-10-17 07:41:03 UTC: see https://letsencrypt.org/docs/rate-limits/

Are there any workaround to this rate limit?

Unfortunately no as the rate limit is set by upstream service Letsencrypt. We don’t have control over this. For advanced usecase, you can consider upgrading to Enterprise plan which will unlock the ability upload custom SSL certificate on your own: Enterprise

Thank you!

Hi, I have a follow up question.

Would it be possible to:

1. Temporarily upgrade to the Enterprise plan and upload custom SSL certificate for now and use it for the remaining 150 domains
2. Continue issuing SSL certificate through vercel
3. Once all 150 SSL certificates are issued, switch to using the vercel issued certificates

Thank you.

Hi,

Enterprise plan comes with minimum 1 year commitment I believe. You can check with our Sales team for more information.

Also you will face this issue again during renewal of all these certificates. It’s better to switch to wildcard one which will use 1 certificate for all similar subdomains

This topic was automatically closed 7 days after the last reply. New replies are no longer allowed.