Acceleration of obtaining SSL for a large number of sites

There are a lot of sites on the server (more than 1000). When LetsEncrypt certificates are automatically updated, nginx and apache2 are reloaded for each domain. It takes a lot of time.

Can I remove commands in “v-add-letsencrypt-domain”:

and move them closer to the end of “v-update-letsencrypt-ssl”? So that the reboot does not occur on every domain, but only once.

Will not work as the savings of time will be minimal



All those restarts are “required” as we need to update the config for of it will not speed up a lot.

2nd the “biggest” delay is not the restart / reload of nginx but the LE in general…

LE has rate limiting policy. It can ban your server if it makes too many requests

Yes but for a lot of domains it is not a “real” issue the limit is about 500 domains / 3hr or 10 accounts per 3 / hours. as we reuse each account. 500 domains an our are still “fine”

The restart of apache2 itself takes about 1-2 minutes. At this time, no sites is available. And since there are a lot of sites, it turns out that the server may be unavailable for a whole day. Therefore, I want to restart apache2 only once and not every time for each domain.

Probably the “biggest” time profit is to use reload instead restart where possible.

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.