Could Traefik manage LetsEncrypt certifications for 10,000+ domain names?
Say I have a SaaS application where customers can use their own domain name, could Traefik manage all the certificates and renewals for so many domains?
Traefik can manage that but Let's Encrypt will not allow you to do that.
If you are a large hosting provider or organization working on a Let’s Encrypt integration, we have a rate limiting form that can be used to request a higher rate limit. It takes a few weeks to process requests, so this form is not suitable if you just need to reset a rate limit faster than it resets on its own.
Most SaaS applications use LetsEncrypt, and many of 100K+ domains so I guess it is possible via that form you suggest.
What backends does Traefik support, does it have postgres?
When developing an application locally, how could I test the LetsEcrypt integration?
In general the official limit is 50 domains per week. Those can be wildcards, so you can have endless customers with customer1.example.com.
Traefik can use external backends only for providing dynamic config data, those are called providers. Traefik generated LetsEncrypt TLS certs are always stored in a local acme.json file.
You could create LE TLS certs externally from Traefik (with certbot, go-acme, etc), then load them via a provider. (Proof of concept using providers.http)
If you are using Traefik in Kubernetes, then LetsEncrypt is usually handled by cert-manager.
1 Like