therootcompany / greenlock.js

🔐 Free SSL, Free Wildcard SSL, and Fully Automated HTTPS for node.js, issued by Let's Encrypt v2 via ACME
https://git.rootprojects.org/root/greenlock.js
Mozilla Public License 2.0
63 stars 16 forks

Unknown desc = failed to select one blockedKeys: commands out of sync #3

Open alex996 opened 2 years ago

alex996 commented 2 years ago

On Oct 13, Let's Encrypt suffered a 10-min downtime. Similarly to #1, I, oblivious to the outage, had to restart my Node server around that time. Although the server had a valid cert until Dec, it couldn't boot, and I got the following errors:

Error cert_order:
[400] rpc error: code = Unknown desc = failed to select one blockedKeys: commands out of sync.
Did you run multiple statements at once?

and

code: E_ACME
Error: [400] sa.StorageAuthority.KeyBlocked timed out after 5001 ms
    at /app/node_modules/@root/acme/utils.js:119:8
    at processTicksAndRejections (internal/process/task_queues.js:95:5)
    at Object.greenlock._order (/app/node_modules/@root/greenlock/greenlock.js:445:23)
    at Object.greenlock._renew (/app/node_modules/@root/greenlock/greenlock.js:335:9)
    at Object.greenlock.get (/app/node_modules/@root/greenlock/greenlock.js:212:23)

In this case, the Node server wouldn't run until the Let's Encrypt endpoint was restored. It would be much better if Node was still allowed to start, and the error was only logged as a warning. Even if the cert was expired (which it wasn't), it would still be preferable to have a running server with an expired cert than to suffer downtime.

Any thoughts on how this could be improved, perhaps with softer error handling?

Thank you.
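The fail-soft startup requested above, as an added example that is not part of the original post and is not greenlock.js code: the server boots on the cached certificate and renewal runs in the background, so an ACME outage is logged as a warning. `readCached`, `renew`, `onRenewed`, `warn` and the 30-day window are assumptions made for illustration.

```javascript
// Added example. `readCached`, `renew`, `onRenewed` and `warn` are hypothetical
// callbacks supplied by the caller; none of them is a greenlock.js API.
const DAY_MS = 24 * 60 * 60 * 1000;
const RENEW_BEFORE_MS = 30 * DAY_MS; // assumed renewal window, not greenlock's setting

// Pure boot-time decision for a cached cert ({ expiresAt: epoch ms, ... }) or null.
function planStartup(cached, now, renewBeforeMs = RENEW_BEFORE_MS) {
  if (!cached) {
    // Nothing to fall back to: issuance has to finish before TLS can start.
    return { serve: false, renew: true, blocking: true, expired: false };
  }
  const msLeft = cached.expiresAt - now;
  return {
    serve: true,                    // boot on the cached cert, even an expired one
    renew: msLeft <= renewBeforeMs, // renewal is due or overdue
    blocking: false,                // boot never waits on the CA
    expired: msLeft <= 0,
  };
}

// Resolves with the cert to boot on. A failed renewal is reported via `warn`, not thrown.
async function getCertForBoot({ readCached, renew, now = Date.now(),
                                warn = console.warn, onRenewed = () => {} }) {
  const cached = await readCached();
  const plan = planStartup(cached, now);
  if (plan.blocking) return renew(); // first issuance: errors propagate to the caller
  if (plan.expired) warn('serving an expired certificate until renewal succeeds');
  if (plan.renew) {
    // Background renewal: an ACME outage becomes a warning; `onRenewed` swaps the cert in.
    Promise.resolve().then(renew).then(onRenewed).catch((err) =>
      warn(`renewal failed, keeping cached cert: ${err.code || 'ERR'} ${err.message}`));
  }
  return cached;
}
```

An expired certificate still fails validation in clients, so the `expired` warning should feed alerting rather than sit in a log.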