Closed jasperf closed 5 years ago
Hi jasperf,
Stonemax/ACME2 creates only one accout for all generations of certificates.
Yeah, figured that out. Thread is kind of old and never posted back. Thanks for your reply @stonemax. Hope to see some new updates based on issues and or pull requests soon. Thanks for building this.
Is it correct that Stonemax/ACME2 sets up one account for the generation of certificates of domains? Or does it create on on every certificate request?
FYI LE Doc on Accounts _In ACME, it’s possible to create one account and use it for all authorizations and issuances, or create one account per customer. This flexibility may be valuable. For instance, some hosting providers may want to use one account per customer, and store the account keys in different contexts, so that an account key compromise doesn’t allow issuance for all of their customers.
However, for most larger hosting providers we recommend using a single account and guarding the corresponding account key well. This makes it easier to identify certificates belonging to the same entity, easier to keep contact information up-to-date, and easier to provide rate limits adjustments if needed. We will be unable to effectively adjust rate limits if many different accounts are used._