I ran this command: Attempted to add a certificate automatically while using Heroku
It produced this output: "Domain considered unsafe"
My web server is (include version): gunicorn 20.1.0 on Heroku
The operating system my web server runs on is (include version): Ubuntu 22.04 LTS
My hosting provider, if applicable, is: Heroku
I can login to a root shell on my machine (yes or no, or I don't know): yes
I'm using a control panel to manage my site (no, or provide the name and version of the control panel): Yes, Heroku
The version of my client is (e.g. output of certbot --version or certbot-auto --version if you're using Certbot): Not using Certbot, though attempting to get a certification through certbot works. We're trying to find out why the automated process failed and Heroku said to contact Let's Encrypt.
Hello @zjones, welcome to the Let's Encrypt community.
Here is a list of issued certificates for crt.sh | www.letstalkshots.com, the latest being 2022-10-28.
Hello! We manually generated a certificate with Let's Encrypt after the automated process on Heroku failed, but we're trying to avoid having to generate a new one manually every time it expires.
Heroku sent the following when we reached out to them:
Unfortunately, there isn't much that we (Heroku) can do about this directly as we build ACM on top of Let's Encrypt who manages the SSL certification for the domains. If your DNS settings are correct (per our docs) and you're stuck in an ACM status and heroku certs:auto:refresh doesn't resolve the issue, you're probably being rate-limited by Let's Encrypt. I would contact Let'sEncrypt directly to see if they can provide any insight on why the domain's cert generation failed, or perhaps they'll have a workaround for you. As always, we'll be standing by in case we can be of further help as well.
Unclear exactly why it failed, given the manually cert worked fine, but trying to figure out how to resolve it.
"Domain considered unsafe" isn't an error message that our API ever returns. It would be helpful to find out which error code or message of ours Heroku is encountering.
Yeah, not loving their response. I'll try the process again and see what happens, and see if they can dig into the details a little more to figure out what's going on.