The login.gov team noticed three certs on CertSpotter for developers.login.gov. I hypothesize that this happened because there were three update-service commands issued yesterday - one by @rogeruiz that was missing arguments, one by me that had a wrong argument (pointing to the wrong repo), and then the final one I entered correctly.
Should we get a caching layer in front of the letsencrypt logic so that we don't re-request a cert if we already have a recently-generated one? That may also help prevent the "pending authorization" rate limit error cloud.gov is seeing.
The login.gov team noticed three certs on CertSpotter for developers.login.gov. I hypothesize that this happened because there were three
update-servicecommands issued yesterday - one by @rogeruiz that was missing arguments, one by me that had a wrong argument (pointing to the wrong repo), and then the final one I entered correctly.Should we get a caching layer in front of the letsencrypt logic so that we don't re-request a cert if we already have a recently-generated one? That may also help prevent the "pending authorization" rate limit error cloud.gov is seeing.