Closed aegonzalez closed 2 years ago
MDRenewWindow
works like this:
|------- certificate lifetime ------------------|
|-- renew window ---|
the default is 33%
which means if the certificate is valid for 90 days, the renewal will be started 30 days before it expires. For a certificate with lifetime of 9 days, it would start on the last 3 days.
If you set it to 30s
it would start 30 seconds before it expires, which is a bit short.
Thanks for the explanation.
I may not understand how the MDRenewWindow directive works. I tried setting it to 30s to verify that the renewal process will occur without having to wait 30 or so days. However after the initial creation of the certificate, days have elapsed without any renewals. ----Log messages: The Managed Domain ...has been setup and changes will be activated on next (graceful) server restart. ... Parent: Created child process
--- Config: Windows Apache Lounge version 2.4.51. MDCAChallenges tls-alpn-01 Protocols h2 http/1.1 acme-tls/1 MDRenewWindow 30s MDCertificateAuthority https://acme-staging-v02.api.letsencrypt.org/directory MDCertificateStatus on