Should certbot ask to use staging when run interactive?

As the title says. Do we see reasons to do/don't do as such?

Or even staging by default, introducing a --prod[uction] switch?

3 Likes

feels like silent middle ground would be try over staging first and only go after they got staging cert, but not sure staging server can handle production + all the broken retries.

5 Likes

Maybe renewals go to production directly and only go back to trying staging when production has failed at least once?

4 Likes

Yes, if only new cert requests go through staging...
That might be worth the added one-time weight to that system [in order to whittle out those that would have only failed in production].
Better to fail in staging.

2 Likes

It would be interesting to see statistics about how many failed orders on average it takes for Certbot users to issue a certificate for a new set of domains. I am hesitant to draw any conclusions from what we see on the forum.

5 Likes

Yeah, we only see the statistical bias of success (that being those who need and come here for help).

2 Likes

But there is some data here Possible new feature: paused ACME accounts - #28 by jsha

2 Likes

from a 3-day run it looks like about 80% of http-01 challenge fails, and I don't think certbot's success rate be above average.

3 Likes

So,,, a 20% hit rate is what we're calling a success???
What is this, Baseball???
[200 ERA]
LOL

3 Likes

Looking at jsha's post: it looks like 1.9M out of 3M accounts succeed within 5 attempts, over 1 week. I don't have an intuition of whether this is better or worse than the rate for interactive users.

How many of the clients that contribute to the 80% failed authorization workload are interactive users who could potentially be redirected by a "Would you like to do a dry-run?" prompt, and how many are background tasks running on an aggressive schedule? How many are new issuances vs renewals?

One idea is that we could alter potentially Certbot's final output (the bit that directs users to these community forums) to include a suggestion to do a dry-run, if there was a challenge failure and the process ran interactively. But we did kind-of-recently remove a lot of superfluous text and it'd be good to understand the problem fully before adding more in again.

4 Likes

Yeah, I think at most some instructional text on failure that one may want to try the staging environment for further testing is what's needed. You don't want to direct everyone to staging, or staging end up being just another production environment that needs to be up just as much as the real one. It's also tricky as ACME spreads to other CAs where certbot may not know which staging environment maps to a particular CA's main environment (assuming such exists), or what those CA's rate limits are.

4 Likes