I ran this command:
wacs.exe --target manual --host [myhost] --certificatestore My ^
--installation iis,script --installationsiteid 1 --script "Scripts\ImportSSTP.ps1" --scriptparameters "{CertThumbprint}" ^
--verbose --validation azure ^
--azuretenantid [tenantId] ^
--azureclientid [clientId] ^
--azuresecret [secret] ^
--azuresubscriptionid [subId] ^
--azureresourcegroupname [resource-group-name]
The command runs fine and generates a certificate as needed. However, I noticed that a re-run of the command will generate a new certificate, rather than re-use the existing one. Does it mean Azure / DNS verification doesn't re-use cached certificates?
The version of my client (win-acme / wacs): 2.1.18.1119
I don't use Windows and am not familiar with wacs.exe... However, I would expect that if one were to run the same exact command that one would get the same exact result.
I see you are using a script for the process. I am also NOT familiar with the script or its usage.
But a quick scan of the win-acme documentation does offer information relating to your desired result.
--renew
Renew any certificates that are due. This argument is used
by the scheduled task. Note that it's not possible to
change certificate properties and renew at the same time.
--force
Force renewal when used together with --renew. Otherwise
bypasses the certificate cache on new certificate
requests.
Another volunteer here may be able to give you more support...
"That's all I got!"
Hope it helps a little?
I believe win-acme does have some certificate caching, so if you consider that there's a bug you should report it on their GitHub issues.
Meanwhile, if your objective is to be able to repeatedly run a script from an existing certificate, also check out https://certifytheweb.com (software I developed) and its Deployment Tasks feature. Tasks are repeatable from the Tasks tab.