icing
commented
2 years ago MDRenewWindow works like this:
|------- certificate lifetime ------------------|
|-- renew window ---|the default is 33% which means if the certificate is valid for 90 days, the renewal will be started 30 days before it expires. For a certificate with lifetime of 9 days, it would start on the last 3 days.
If you set it to 30s it would start 30 seconds before it expires, which is a bit short.
aegonzalez
I may not understand how the MDRenewWindow directive works. I tried setting it to 30s to verify that the renewal process will occur without having to wait 30 or so days. However after the initial creation of the certificate, days have elapsed without any renewals. ----Log messages: The Managed Domain ...has been setup and changes will be activated on next (graceful) server restart. ... Parent: Created child process
--- Config: Windows Apache Lounge version 2.4.51. MDCAChallenges tls-alpn-01 Protocols h2 http/1.1 acme-tls/1 MDRenewWindow 30s MDCertificateAuthority https://acme-staging-v02.api.letsencrypt.org/directory MDCertificateStatus on