Just a quick issue here…
Hestia create a new let’s encrypt user for each user account…
And I just don’t understand why…
I try to deploy a new server, with 200 websites, for security reason, each website use is own ssh user…
And after that, I’m just unable to create a SSL certificate with let’s encrypt because I can only create 10 let’s encrypt account / 3 hours !
This mean it will take 3 days to create all accounts !
but why ? Just why you want to create a new let’s encrypt account for each hestia account ? This is just … I don’t know… I can’t even understand why you do that…
Is there any way to use only 1 let’s encrypt account for the whole server ?
You can just copy le.conf and user.key files located in /usr/local/hestia/data/users/$USER/ssl/ to another users to avoid create new accounts, but you have 200 websites and with the same account you could hit other rate limits so having only one could lead to more problems.
atm I was able to import the old certificates from the other server.
A good thing that I was able to access those files.
And now I have created a script that I will run every 3H to slowly create LE accounts and switch to those certificates, to be sure they will be updated correctly.
It should be fine in 2 or 3 days.
About donation, I work alone, I have a very small business, but I will try to do something. I don’t own those servers, they are owned by my clients, I only manage them. And I will suggest them to make a donation.
If multiple people give something it could be better.
Here are a couple of relevant Let’s Encrypt documents that may be good reference material, as well as the link to their excellent Community, in case you run into anything out of scope for this forum and want some help.
thx, but there is nothing I can do about rate limit except comply to them.
The OP was more about the reason why hestia was design with 1 let’s encrypt account by hestia user account.
I don’t know the dev reason but to me it makes sense because every hestia user is independent, that means, no relationship with other hestia users so every user must have the option to have their own rate limits and notifications via mail from LE.
I don’t know why it was decided like this. For a normal “growing” server this is probably not a real issue. Not many users need to create 10 lets encrypt accounts in 3 hours …