|
|
|
|
|
|
by akerl_
850 days ago
|
|
|
I auto renew all my certs via either AWS ACM or lego. I also have monitoring that alerts me if a cert is nearing expiry. I’ve been alerted several times and been able to correct bugs or hiccups that would have caused the live cert to expire. Automation is not a replacement for monitoring: they are complementary. |
|
|
absolutely. there are any number of reasons Caddy would be unable to renew the cert, just off the top of my head:
- LetsEncrypt has downtime or unavailability
- If you're doing dns-01 challenges for LE, whatever cred Caddy uses for that might expire / become invalidated.
- disk fills up (or gets unexpectedly remounted read-only) and Caddy is unable to write the renewed certs