httpd-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
Subject [users@httpd] Thousands of SSL certificates
Date Sun, 20 Dec 2015 18:19:19 GMT

we are, currently, implementing Let's Encrypt CA so every domain and  
subdomain has its own SSL certificate. Everything was ok on servers  
with little amout of virtual hosts but problem with server  
start/reload arises after activation on server with 4000 certificates  
installed - start and reload takes about 1-2 minutes. I have several  

1.) Any hints how to optimize this?
2.) Will it help if every certificate will have the same  
public/private key so Apache doesn't need to process 4000 private  
keys? Let's ignore any impact on security.
3.) Was anyone other dealing with this yet?

I was also considering joining domains into groups and generating one  
certificate per group (so, for example, with groups of 50 domains this  
will create only 80 certificates) but i don't like this solution very  

Thank you.


To unsubscribe, e-mail:
For additional commands, e-mail:

View raw message