You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
First of all, thank you for this opportunity for central certificate management with puppet.
I use this module with ISPConfig dns plugin.
For issuing certificates, I noticed two problems with puppet-acme:
Configurable timeout for EXEC "issue-certificate-${domain}"
Publishing the dns record via ISPConfig and from there to an external slave DNS provider takes time.
The default timeout of 300 is not always enough.
Param dnssleep should be optional
If not provided or set to e.g false/-1, do not prepend --dnssleep to the command. This way acme.sh can recheck the dns entry periodically and finish after success or will be terminated when EXEC timeout is exceeded.
At the moment I run the issuing command by hand on the puppet master. The last certificate took about 7 minutes to be issued. Too much for default exec runtime.
The text was updated successfully, but these errors were encountered:
First of all, thank you for this opportunity for central certificate management with puppet.
I use this module with ISPConfig dns plugin.
For issuing certificates, I noticed two problems with puppet-acme:
Configurable timeout for EXEC "issue-certificate-${domain}"
Publishing the dns record via ISPConfig and from there to an external slave DNS provider takes time.
The default timeout of 300 is not always enough.
Param dnssleep should be optional
If not provided or set to e.g false/-1, do not prepend --dnssleep to the command. This way acme.sh can recheck the dns entry periodically and finish after success or will be terminated when EXEC timeout is exceeded.
At the moment I run the issuing command by hand on the puppet master. The last certificate took about 7 minutes to be issued. Too much for default exec runtime.
The text was updated successfully, but these errors were encountered: