I don't know. I've been using crontab running:
20 00 * * 7 /usr/bin/certbot renew --quiet
and never had any issues. This is the first time this specific certificate had required a renewal.
Trying to look through the logs:
2023-10-08 10:51:14,363:ERROR:certbot._internal.renewal:Failed to renew certificate mail.hallinet.se with error: [Errno 17] File exists: '/etc/letsencrypt/archive/mail.hallinet.se/privkey2.pem'
2023-10-08 10:51:14,368:DEBUG:certbot._internal.renewal:Traceback was:
Traceback (most recent call last):
File "/usr/lib/python3/dist-packages/certbot/_internal/renewal.py", line 475, in handle_renewal_request
main.renew_cert(lineage_config, plugins, renewal_candidate)
File "/usr/lib/python3/dist-packages/certbot/_internal/main.py", line 1386, in renew_cert
renewed_lineage = _get_and_save_cert(le_client, config, lineage=lineage)
File "/usr/lib/python3/dist-packages/certbot/_internal/main.py", line 122, in _get_and_save_cert
renewal.renew_cert(config, domains, le_client, lineage)
File "/usr/lib/python3/dist-packages/certbot/_internal/renewal.py", line 341, in renew_cert
lineage.save_successor(prior_version, new_cert, new_key.pem, new_chain, config)
File "/usr/lib/python3/dist-packages/certbot/_internal/storage.py", line 1139, in save_successor
with util.safe_open(target["privkey"], "wb", chmod=BASE_PRIVKEY_MODE) as f:
File "/usr/lib/python3/dist-packages/certbot/util.py", line 224, in safe_open
fd = filesystem.open(path, os.O_CREAT | os.O_EXCL | os.O_RDWR, *open_args)
File "/usr/lib/python3/dist-packages/certbot/compat/filesystem.py", line 208, in open
return os.open(file_path, flags, mode)
FileExistsError: [Errno 17] File exists: '/etc/letsencrypt/archive/mail.hallinet.se/privkey2.pem'
After that it seems that the script kept running, requesting certificates at random times during the day. But no certificate files were stored anywhere.
Now I have removed the line in crontab and deleted the certificate. That should stop the requests unless someone else is somehow requesting certificates for my domain.
The weird thing is that I removed the crontab line yesterday and was still rate limited today.