• abhibeckert@lemmy.world
      link
      fedilink
      English
      arrow-up
      2
      ·
      edit-2
      10 months ago

      Certbot is supposed to automatically renew certificates. It doesn’t do that reliably in my experience.

      We use it on non-critical systems and every few months I need to go in and fix things… that never happens with traditional certificates - those are setup and forget.

      As for the exact problems, I don’t think we’ve ever had the same problem twice. It’s always a once off thing but it’s still an hour of wasted time each and every time. If it happened on a proper production system it’d be a lot more than an hour, since whatever change is made would need a full gamut of testing / reporting / etc.