Last updated: | See all Documentation
We highly recommend testing against our staging environment before using our production environment. This will allow you to get things right before issuing trusted certificates and reduce the chance of your running up against rate limits.
The ACME URL for our ACME v2 staging environment is:
https://acme-staging-v02.api.letsencrypt.org/directory
If you’re using Certbot, you can use our staging environment with the --dry-run flag. For other ACME clients, please read their instructions for information on testing with our staging environment. Please note the v2 staging environment requires a v2 compatible ACME client.
Rate Limits
The staging environment uses the same rate limits as described for the production environment with the following exceptions:
- The Certificates per Registered Domain limit is 30,000 per week.
- The Duplicate Certificate limit is 30,000 per week.
- The Failed Validations limit is 60 per hour.
- The Accounts per IP Address limit is 50 accounts per 3 hour period per IP.
- For ACME v2, the New Orders limit is 1,500 new orders per 3 hour period per account.
Root Certificate
The staging environment intermediate certificate ("(STAGING) Artificial Apricot R3") is issued by a root certificate not present in browser/client trust stores. If you wish to modify a test-only client to trust the staging environment for testing purposes you can do so by adding the "(STAGING) Pretend Pear X1" certificate to your testing trust store. Important: Do not add the staging root or intermediate to a trust store that you use for ordinary browsing or other activities, since they are not audited or held to the same standards as our production roots, and so are not safe to use for anything other than testing.
Certificate Transparency
The staging environment submits pre-certificates to the Let’s Encrypt Testflume and Google testtube CT test logs and includes returned SCTs in the issued certificates.
Continuous Integration / Development Testing
The staging environment has generous rate limits to enable testing but it is not a great fit for integration with development environments or continuous integration (CI). Making network requests to external servers can introduce instability and the staging environment offers no way to “fake” DNS or challenge validation success which makes for more complicated test setups.
In addition to the staging environment Let’s Encrypt offers a small ACME server purpose built for CI and development environments called Pebble. Running Pebble on your development machine or in a CI environment is quick and easy.