FIX: Rate limit and hijack certificate generation. (PR #8215)

To eliminate a DDOS attack vector, we’re taking the following measures:

  • The endpoint will be rate-limited to 3 requests every 60 seconds (per user).
  • A 24 hours max-age cache header is sent with the response.
  • The route will be hijacked to generate the certificate in the background.


1 Like

You’ve signed the CLA, romanrizzi. Thank you! This pull request is ready for review.