Skip to content

Stop incorrectly issuing new orders on container (re)start #22

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
wants to merge 1 commit into
base: master
Choose a base branch
from
Open

Stop incorrectly issuing new orders on container (re)start #22

wants to merge 1 commit into from

Conversation

jcgl17
Copy link

@jcgl17 jcgl17 commented May 26, 2025

closes #19

Previously, I would hit Let's Encrypt rate limiting issues, even when the cert had already been issued:

$ docker logs send-docker-compose_proxy-letsencrypt_1
Info: running acme-companion version v2.6.0-2-g8da1790
Warning: '/etc/acme.sh' does not appear to be a mounted volume.
Info: 4096 bits RFC7919 Diffie-Hellman group found, generation skipped.
Reloading nginx docker-gen (using separate container nginx-proxy)...
Reloading nginx (using separate container nginx-proxy)...
2025/05/21 18:09:56 Generated '/app/letsencrypt_service_data' from 4 containers
2025/05/21 18:09:56 Running '/app/signal_le_service'
2025/05/21 18:09:56 Watching docker events
2025/05/21 18:09:56 Contents of /app/letsencrypt_service_data did not change. Skipping notification '/app/signal_le_service'
[Wed May 21 18:09:58 UTC 2025] Account key creation OK.
[Wed May 21 18:09:58 UTC 2025] Registering account: https://acme-v02.api.letsencrypt.org/directory
[Wed May 21 18:09:59 UTC 2025] Registered
[Wed May 21 18:09:59 UTC 2025] ACCOUNT_THUMBPRINT='qwertyuiop'
Creating/renewal myhost.example.com certificates... (myhost.example.com)
[Wed May 21 18:10:00 UTC 2025] Using CA: https://acme-v02.api.letsencrypt.org/directory
[Wed May 21 18:10:01 UTC 2025] Creating domain key
[Wed May 21 18:10:02 UTC 2025] The domain key is here: /etc/acme.sh/webmaster@example.com/myhost.example.com/myhost.example.com.key
[Wed May 21 18:10:02 UTC 2025] Generating next pre-generate key.
[Wed May 21 18:10:02 UTC 2025] Single domain='myhost.example.com'
[Wed May 21 18:10:04 UTC 2025] Error creating new order. Le_OrderFinalize not found. {
  "type": "urn:ietf:params:acme:error:rateLimited",
  "detail": "too many certificates (5) already issued for this exact set of domains in the last 168h0m0s, retry after 2025-05-21 23:40:23 UTC: see https://letsencrypt.org/docs/rate-limits/#new-certificates-per-exact-set-of-hostnames",
  "status": 429
}
[Wed May 21 18:10:04 UTC 2025] Please check log file for more details: /dev/null
Sleep for 3600s

Now:

$ docker logs send-docker-compose_proxy-letsencrypt_1
Info: running acme-companion version v2.6.0-2-g8da1790
Info: 4096 bits RFC7919 Diffie-Hellman group found, generation skipped.
Reloading nginx docker-gen (using separate container nginx-proxy)...
Reloading nginx (using separate container nginx-proxy)...
2025/05/26 07:19:26 Generated '/app/letsencrypt_service_data' from 4 containers
2025/05/26 07:19:26 Running '/app/signal_le_service'
2025/05/26 07:19:26 Watching docker events
2025/05/26 07:19:26 Contents of /app/letsencrypt_service_data did not change. Skipping notification '/app/signal_le_service'
Creating/renewal myhost.example.com certificates... (myhost.example.com)
[Mon May 26 07:19:26 UTC 2025] Domains not changed.
[Mon May 26 07:19:26 UTC 2025] Skipping. Next renewal time is: 2025-07-19T23:34:40Z
[Mon May 26 07:19:26 UTC 2025] Add '--force' to force renewal.
Sleep for 3600s

@jcgl17 jcgl17 mentioned this pull request May 26, 2025
Open
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

ssl cert issueing with every docker compose up
1 participant
@jcgl17