Certbot renewing every certificate not just those close to expired

Getting rate limited. It appears that certbot is renewing every certificate, not just those that are under 30 days to expiration.

Version : certbot 0.10.2

Please fill out the fields below so we can help you better.

My domain is: https://www.flyershop.com Example expires 10/25/2017 and it is attempting to renew the certificate again.

#renew_before_expiry = 30 days
version = 0.9.3
cert = /etc/letsencrypt/live/www.flyershop.com/cert.pem
privkey = /etc/letsencrypt/live/www.flyershop.com/privkey.pem
chain = /etc/letsencrypt/live/www.flyershop.com/chain.pem
fullchain = /etc/letsencrypt/live/www.flyershop.com/fullchain.pem

I ran this command: /usr/bin/certbot renew --no-self-upgrade

It produced this output:

My web server is (include version): Haproxy

The operating system my web server runs on is (include version): Debian Jessie

My hosting provider, if applicable, is:

I can login to a root shell on my machine (yes or no, or I don’t know): yes

I’m using a control panel to manage my site (no, or provide the name and version of the control panel): no

Hi @jozwikjp,

Do you have a file /etc/letsencrypt/cli.ini? If so, could you post its contents?

If not, can you post the output of openssl x509 -noout -dates -in /etc/letsencrypt/live/www.flyershop.com/cert.pem?

Thank you for the quick reply.

nano /etc/letsencrypt/cli.ini

#authenticator = letsencrypt-haproxy:auth
renew-by-default
agree-tos
email = ops@printsites.com

root@ip-10-6-0-202:/etc/letsencrypt/scripts# openssl x509 -noout -dates -in /etc/letsencrypt/live/www.flyershop.com/cert.pem
notBefore=Jul 25 11:37:00 2017 GMT
notAfter=Oct 23 11:37:00 2017 GMT

I’m going to go ahead and guess that your ‘renew-by-default’ line is causing this behavior. That is the (deprecated) command line flag to ignore expiry period and force renewal. Try taking that out?


BOOM - Headshot…

Thank you Jared!


This really shows why I should not have called it “renew-by-default”. That was sure to confuse people, and is still confusing them.

The option has now been renamed “force-renewal”, which I hope is clearer. We should try to find old tutorials that mention “renew-by-default” and get people to remove that name from their tutorials!

@jozwikjp, I’m glad you got this cleared up!

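The diagnosis reached in this thread, as an added example that is not part of the original posts and is not certbot's own code: a check that reads a cli.ini for an active `renew-by-default` or `force-renewal` line and compares the certificate's `notAfter` date with the 30-day renewal window. The function names, the reference date and the set of values treated as "disabled" are assumptions; the sample cli.ini and the dates are the ones posted above.

```python
import re
from datetime import datetime, timedelta, timezone

# Settings that make `certbot renew` ignore the expiry window.
# renew-by-default is the deprecated name of force-renewal (see the thread).
FORCE_FLAGS = {"renew-by-default", "force-renewal"}
FALSE_VALUES = {"false", "no", "0", "off"}  # assumption: values that disable a flag

# Sample input copied from the posts above.
SAMPLE_CLI_INI = """\
#authenticator = letsencrypt-haproxy:auth
renew-by-default
agree-tos
email = ops@printsites.com
"""
SAMPLE_DATES = "notBefore=Jul 25 11:37:00 2017 GMT\nnotAfter=Oct 23 11:37:00 2017 GMT\n"

def find_force_flags(ini_text):
    """Return (line_number, flag) for every active force-renewal setting."""
    hits = []
    for n, raw in enumerate(ini_text.splitlines(), 1):
        line = raw.strip()
        if not line or line[0] in "#;":      # blank or commented-out line
            continue
        key, _, value = line.partition("=")
        key = key.strip().lower().replace("_", "-")
        if key in FORCE_FLAGS and value.strip().lower() not in FALSE_VALUES:
            hits.append((n, key))
    return hits

def time_left(openssl_dates, now):
    """Time until notAfter, parsed from `openssl x509 -noout -dates` output."""
    m = re.search(r"^notAfter=(.+?) GMT$", openssl_dates, re.M)
    if m is None:
        raise ValueError("no notAfter line found")
    not_after = datetime.strptime(m.group(1), "%b %d %H:%M:%S %Y")
    return not_after.replace(tzinfo=timezone.utc) - now

def renewal_verdict(ini_text, openssl_dates, now, renew_before_days=30):
    """Classify a renewal as 'due', 'not-due' or 'forced-early'."""
    forced = find_force_flags(ini_text)
    left = time_left(openssl_dates, now)
    due = left < timedelta(days=renew_before_days)
    status = "due" if due else ("forced-early" if forced else "not-due")
    return status, left.days, forced

if __name__ == "__main__":
    when = datetime(2017, 8, 1, tzinfo=timezone.utc)  # constructed reference date
    print(renewal_verdict(SAMPLE_CLI_INI, SAMPLE_DATES, when))
```

A `forced-early` result on every scheduled run is the pattern that consumes the rate limit: each run reissues certificates that still have well over 30 days left.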
