Hi all,
TLDR - Is there a simple way to create a new cert if it doesn’t already exist for the domain or if it does exist, only renew it if it’s about to expire?
Background - I’ve got a number of dev servers running continuous testing. They start almost blank (they had an initialisation script run to setup standard software (e.g. git), including LetsEncrypt, but without the certs), we then run a deployment script for our software (where we’d like to setup the LetsEncrypt certs) and then tests.
Problem is, we’re hitting the limits on certificate generation.
The deployment script runs in Python (fabric) - non-root. It only calls sudo when needed so we can’t easily access the certs to check their creation dates in python, so was hoping Lets Encrypt could do the “create or update” in a single sudo call.
Hope you can help,
Jamie
My domain is:
hcp1.ddns.net
I ran this command:
/opt/letsencrypt/letsencrypt-auto certonly --non-interactive --agree-tos --email me@mydomain.com --domain hcp1.ddns.net --renew-by-default --webroot -w /var/hcp1/www
It produced this output:
[jamie@localhost] out: Saving debug log to /var/log/letsencrypt/letsencrypt.log
[jamie@localhost] out: Renewing an existing certificate
[jamie@localhost] out: Performing the following challenges:
[jamie@localhost] out: http-01 challenge for hcp1.ddns.net
[jamie@localhost] out: Using the webroot path /var/hcp1/www for all unmatched domains.
[jamie@localhost] out: Waiting for verification…
[jamie@localhost] out: Cleaning up challenges
[jamie@localhost] out: An unexpected error occurred:
[jamie@localhost] out: There were too many requests of a given type :: Error creating new cert :: too many certificates already issued for exact set of domains: hcp1.ddns.net
[jamie@localhost] out: Please see the logfiles in /var/log/letsencrypt for more details.
My operating system is (include version):
Ubuntu 14.04
My web server is (include version):
nginx version: nginx/1.10.3