Can AWS create a network traffic exemption for SSL issuers?

0

We are running a t3 instance (was large, now extra large). We have traced network outages to AutoSSL which makes a large number of requests to Sectigo or Let's Encrypt (free SSL issuers). These requests trigger an AWS network block/throttle which shuts down all network traffic until the instance is rebooted. The best solution is AWS adds the issuer IP addresses as an exception to traffic monitoring. How can we get this to the AWS team as a request?

Asked 3 months ago, 102 views
2 answers
0

Hi,

Thanks for the reply. The issue is not Sectigo / Let's Encrypt, the issue is that ALL traffic to and from the AWS instance is being blocked by AWS until the instance is restarted. This is all ports, there is literally zero traffic. This seems to be triggered by the AutoSSL process with Sectigo / Let's Encrypt, but any similar process would trigger the same AWS block. There are some posts on the internet about other users having similar experiences, and have experimented to confirm this is some sort of AWS limit in addition to standard bandwidth. Presumably it's designed to stop spammers or similar, but is also being triggered by legitimate processes.

Answered 3 months ago
0

Are you able to view the error messages returned from AutoSSL?

This could be a rate limit from the Let's Encrypt or Sectigo API.

As per the Let's Encrypt Rate Limits, some of the limits are:

You can create a maximum of 10 Accounts per IP Address per 3 hours. You can create a maximum of 500 Accounts per IP Range within an IPv6 /48 per 3 hours.

You can create a maximum of 300 New Orders per account per 3 hours.

Renewals are treated specially: they don’t count against your Certificates per Registered Domain limit, but they are subject to a Duplicate Certificate limit of 5 per week.

If you believe the blocking is by AWS, I suggest you create a support case.

AWS Expert
Mike_L
Answered 3 months ago
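A quick way to check whether an ACME client's activity is approaching the Let's Encrypt limits quoted in the answer above (10 accounts per IP per 3 hours, 300 new orders per account per 3 hours, 5 duplicate certificates per week). This is an added example, not code from the thread or from AutoSSL; the event dict layout and the constructed sample events are assumptions of this example, not AutoSSL's real log format.

```python
from collections import defaultdict, deque
from datetime import datetime, timedelta

THREE_HOURS = timedelta(hours=3)
ONE_WEEK = timedelta(days=7)

# Limits quoted in the answer: (max count, sliding window, event kind,
# function picking which counter an event belongs to).
LIMITS = {
    "accounts_per_ip": (10, THREE_HOURS, "new_account", lambda e: e["ip"]),
    "orders_per_account": (300, THREE_HOURS, "new_order", lambda e: e["account"]),
    "duplicate_certs": (5, ONE_WEEK, "issued", lambda e: e["domains"]),
}


def find_limit_breaches(events):
    """Return {limit_name: {key: first timestamp at which the count inside a
    sliding window exceeded that limit}}. `events` is a list of dicts with
    keys ts (datetime), kind, account, ip, domains (assumed layout)."""
    breaches = defaultdict(dict)
    for name, (limit, window, kind, key_of) in LIMITS.items():
        recent = defaultdict(deque)  # key -> timestamps still inside the window
        for e in sorted(events, key=lambda e: e["ts"]):
            if e["kind"] != kind:
                continue
            key = key_of(e)
            q = recent[key]
            q.append(e["ts"])
            while e["ts"] - q[0] >= window:  # drop timestamps that fell out of the window
                q.popleft()
            if len(q) > limit and key not in breaches[name]:
                breaches[name][key] = e["ts"]
    return dict(breaches)


def constructed_events(kind, count, spacing=timedelta(seconds=10)):
    """Constructed sample data: `count` events of one kind from a single
    account and IP, evenly spaced, starting 2024-01-01T00:00:00."""
    t0 = datetime.fromisoformat("2024-01-01T00:00:00")
    return [{"ts": t0 + spacing * i, "kind": kind, "account": "acct-1",
             "ip": "203.0.113.10", "domains": ("example.com",)} for i in range(count)]


if __name__ == "__main__":
    # 301 orders in under an hour crosses the 300-per-3-hours limit.
    print(find_limit_breaches(constructed_events("new_order", 301)))
```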
