AnsweredAssumed Answered

Why is Akamai's LetsEncrypt validation so slow?

Question asked by John Holmstadt on Nov 1, 2017
Latest reply on Nov 7, 2017 by Michael Kuchyt

Anyone who has used LetsEncrypt to obtain a cert outside of Akamai CPS has seen how quickly one can request, validate, and obtain a cert when you have the right tools set up. Compared to traditional DV methods, ACME with HTTP is practically instantaneous. By comparison, Akamai's implementation of ACME DV seems ridiculously slow.

 

From the moment I submit a request for a cert, CPS takes ~40 minutes to actually place the validation token in http://dcv.akamai.com/.well-known/acme-challenge/ . Then takes another ~20 minutes before the validation status proceeds to "Valid". During that hour spent just waiting for validation, the request sits in a state of "Awaiting user", even though I have a blanket redirect already in place on the applicable domains' /.well-known/acme-challenge/* path to http://dcv.akamai.com/.well-known/acme-challenge/ .

 

Is there something I'm doing wrong which makes this process take so long, even though I don't have to take any further action beyond the initial order submission for it to reach completion?

 

If this is a known issue with Akamai's implementation, is there any plan to speed up this process? In a new Akamai world of fast activations, and instant purges, delays like this irk me.

Outcomes