Hi,
For a few weeks now, I seem to have more trouble renewing Let’s Encrypt certificates automatically at night. When run manually during the daytime, no problem (yet).
E.g. the log for yesterday:
==[API call]==
exit status: 23
==[Step 2]==
- status: 503
- nonce:
- authz:
- finalize:
- payload: {"identifiers":[{"type":"dns","value":"{domain}"}]}
- answer: HTTP/2 503
server: nginx
date: Tue, 06 Jun 2023 00:14:03 GMT
content-type: application/problem+json
content-length: 90
cache-control: private
retry-after: 21
{"type": "urn:ietf:params:acme:error:rateLimited", "detail": "Service busy; retry later."}
order:
and today’s log:
==[API call]==
exit status: 23
==[Step 2]==
- status: 500
- nonce: {munged}
- authz:
- finalize:
- payload: {"identifiers":[{"type":"dns","value":"{domain}"}]}
- answer: HTTP/2 500
server: nginx
date: Wed, 07 Jun 2023 00:14:10 GMT
content-type: application/problem+json
content-length: 114
boulder-requester: {munged}
cache-control: public, max-age=0, no-cache
link: <https://acme-v02.api.letsencrypt.org/directory>;rel="index"
replay-nonce: {munged}
{
"type": "urn:ietf:params:acme:error:serverInternal",
"detail": "Error creating new order",
"status": 500
}
order:
Would it be possible to have the renewal script try it a few times after a random sleep time, before spitting out an error? Or does anybody have any other idea?
Thank you.
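
Added example (not part of the original post, and not the renewal script's own code): one way to retry the failing new-order call, waiting at least the server's `retry-after` value plus random jitter, and giving up on errors that are not transient. The `send` callable, the function names, the backoff constants and the sample responses are assumptions built from the two logs above.

```python
import random
import time

# ACME problem types (RFC 8555) treated as transient when sent with a 5xx status.
TRANSIENT = {
    "urn:ietf:params:acme:error:rateLimited",
    "urn:ietf:params:acme:error:serverInternal",
}

# Constructed sample responses modelled on the two logs above, then a success.
SAMPLE_RESPONSES = [
    (503, {"retry-after": "21"},
     {"type": "urn:ietf:params:acme:error:rateLimited", "detail": "Service busy; retry later."}),
    (500, {},
     {"type": "urn:ietf:params:acme:error:serverInternal", "detail": "Error creating new order"}),
    (201, {}, {"status": "pending"}),
]

def retry_delay(status, headers, problem, attempt, base=30, cap=900, rng=random):
    """Seconds to wait before the next try, or None if the error should not be retried."""
    # A 4xx (e.g. a real 429 rate limit) is not a transient outage: report it instead.
    if status < 500 or problem.get("type") not in TRANSIENT:
        return None
    # Exponential backoff with full jitter so many hosts do not retry in lockstep.
    jitter = rng.uniform(0, min(cap, base * 2 ** attempt))
    try:
        floor = int(headers.get("retry-after", 0))  # delta-seconds form only
    except ValueError:
        floor = 0  # the HTTP-date form of Retry-After is not parsed here
    return floor + jitter

def new_order_with_retry(send, attempts=5, sleep=time.sleep, rng=random):
    """Call send() until it succeeds, fails permanently, or attempts run out.

    send() is hypothetical: it must build a freshly signed request with a new
    nonce on every call and return (status, lowercase_headers, json_body).
    """
    for attempt in range(attempts):
        status, headers, body = send()
        if status < 400:
            break
        delay = retry_delay(status, headers, body, attempt, rng=rng)
        if delay is None or attempt == attempts - 1:
            break
        sleep(delay)
    return status, headers, body

if __name__ == "__main__":
    replies = iter(SAMPLE_RESPONSES)
    print(new_order_with_retry(lambda: next(replies), sleep=lambda s: print(f"sleep {s:.0f}s")))
```

Spreading the cron start time away from the top of the hour has a similar effect to the jitter, since many hosts schedule renewals at the same minute.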