Is challenge required for old and new domains?

I have question about challenges of cert-manager.
Suppose that I had the following scenario, where I have two domains (domain 1 and domain2) already challenged and the certificate is issued for those.
After some time, I want to add domain 3, which will be challenged.
But now my question below.

Will domain 1 and domain 2 required to be challenge again as well?
Could you give a briefly explanation for it?

Thank you!

2 Likes

Welcome to the Let's Encrypt Community :slightly_smiling_face:

If the authorizations for domain1 and domain2 are both less than four weeks old for a particular ACME account, only domain3 will need to be authorized for that ACME account. This is due to authorizations being cached for four weeks on a per-ACME-account basis.

3 Likes

@griffin,
Note: Authorizations are NOT guaranteed to be cached for (four weeks / 30 days / 1 month).
They can be cached for up to ...

3 Likes

Thank you @griffin @rg305
It was really helpful!

2 Likes

Quite true, @rg305. I should have been more clear.

2 Likes

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.