How to setup Let's Encrypt with Docker container that constantly must restart


#1

I have my HAProxy in a Docker container.
This Docker container is part of a larger dev environment, which means it gets restarted a lot.

There is a limit as to how many times I can acquire a new certificate, 5 certificates per 7 days. To counter this, I have the certificates in a volume. When the Docker container starts up it maps the volume, in other words it doesn’t really need to call Let’s Encrypt to acquire new certificates. However if there are no certificates the Docker container is to acquire new certificates (or update them).

I have solved the issue as to when there are no certificates the Docker container on startup aquires new certificates.

My problem is that if the certificates already exist and the Docker container runs the command for certificates I am met with the following error:

Renewal conf file /etc/letsencrypt/renewal/my.domain.conf is broken. Skipping.

I am using the command to renew my certificates (this is run every time the container is removed and built/started):

letsencrypt certonly --keep-until-expiring --agree-tos --email my@email.here --webroot --webroot-path /var/tmp -d my.domain --test-cert

How can I fix this setup? I basically either have certificates in place or don’t, I’d like the command to either acquire new certificates if they don’t exist or are outdated, and if they aren’t outdated do nothing.


#2

Hi @basickarl,

Is the my.domain.conf renewal configuration file in the mapped volume? Which files are included in the mapped volume?

If it is included, could you post its contents?


#3

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.