need automatic retry for LE server busy response. #281
Comments
|
More information here. Staff confirm here in this announcement, expected behaviour is to retry. https://community.letsencrypt.org/t/new-service-busy-responses-beginning-during-high-load/184174 |
chrcoluk
changed the title
|
According to the LE forum post, I solved this by adding |
|
another way is by introducing this yourself in a calling script. I have a cron job calling an update script monthly for that. [blahblah]
# obtaining certificate by login with account key using former csr and doing the challenge
renew_cert() {
python3 /home/cert/acme-tiny/acme_tiny.py --account-key $CERT_DIR/letsencrypt.acct.key.pem --csr $CERT_DIR/$REQ_NAME --acme-dir /var/www/html/challenges/ > $CERT_DIR/$CERT_NAME
if [ $? -ne 0 ]; then
return 1
else
return 0
fi
}
renew_cert
if [ $? -ne 0 ]; then
sleep 120
printf "\n\nSecond try...\n\n"
renew_cert
if [ $? -ne 0 ]; then
printf "\n\nError renewing certificate! Fallback to old cert.\n"
cp $CERT_DIR/$CERT_NAME.old $CERT_NAME
exit 1
fi
fiQuick & dirty and working since the beginning of Let's Encrypt flawlessly. |
|
That workaround doesn't work in my case, as my certificate has many SANs, which need to go through in one attempt. |
|
Ok, I understand. I have 8 SANs, that works for me. |
Seems LE's cert server is now prone to rejecting the request with the following response.
After a bit of searching it seems its starting to become more common, and its a case of just retrying, and indeed it is quite random, so one domain could get the error, then the one immediately after is signed successfully.
Is it possible to add automatic retrying for this response?
The text was updated successfully, but these errors were encountered: