How to resume after client failure


#1

Hi,
we are developing our own ACME client which will realize the automatic asynchronous certificate issuance for more web servers/apps. Is there a recommended praxis how to resume an interrupted issuance process (when ACME client fails or must be shut down)? Is it possible to re-send the same Order again from beginning which is easier to implement? Other solution would be to use some state machine on the client side and try to continue from the last successful step which requires more development.
Petr


#2

Hi @petr.sob

it’s possible but I think, it’s not good. There are limits:

300 pending Authorizations, failed validation limit, 300 new order per account in 3 hours.

So if your client starts again, then you may hit one of these limits. And if your client is buggy, you want to create 50 new certificates … not a good idea.

I think this is the better solution. I save the results of each step in a simple file-based data table, with the next step. The filename is the CN domain name. If something crashes, I can repeat the command without creating a new order. And I use a mail notification.


#3

Not hitting this limit can be solved by proper “time management” of sending of orders, right? Which we should implement anyway.

So my original question remains I guess - is there something what really disables the possibility of sending Orders again?


#4

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.