Certificate does not renew before expiry

[nathang21]

For the past few days, I have been getting warnings that my cert was about to expire (which was generated via tailscale cert as part of this addon). I tried restarting this addon, home assistant, etc in hopes it would renew, but it did not.

Today it expired, and I tried restarting the addon again, and it successfully renewed.

Feature request:

1. Can this addon detect when the cert will expire soon (I think by default they last for 90 days, so maybe if less than 30 days) and attempt to renew on startup?
2. Even better, somehow renew without restarting the addon manually (I may schedule an addon restart every ~90 days to automate this in the meantime)

Logs below if they are helpful (once renewed).

...
2022/08/07 09:09:07 cert("HOSTNAME.tailnet-aaba.ts.net"): already had ACME account.
2022/08/07 09:09:08 cert("HOSTNAME.tailnet-aaba.ts.net"): starting SetDNS call...
2022/08/07 09:09:19 cert("HOSTNAME.tailnet-aaba.ts.net"): did SetDNS
2022/08/07 09:09:20 cert("HOSTNAME.tailnet-aaba.ts.net"): requesting cert...
2022/08/07 09:09:21 cert("HOSTNAME.tailnet-aaba.ts.net"): got cert
Wrote public cert to /ssl/HOSTNAME.tailnet-aaba.ts.net.crt
Wrote private key to /ssl/HOSTNAME.tailnet-aaba.ts.net.key
...

[tsujamin]

Hey mate - sorry that happened, I didn't write the certificate support in the addon though so happy to merge in any changes that implement this, but likely won't be in a position to do it myself.

Will leave the issue open.

[magkopian]

I think I may have the same issue. I just noticed that my certificate is about to expire in 8 days and as far as I'm aware Let's Encrypt certificates are supposed to be renewed automatically 30 days before expiry. Is there any way to force the renewal of the cert before it expires?

Edit:

Turns out the certificate was renewed sometime in the 10th of March, after v1.36.2.3 of the addon was installed. So, maybe a restart of the addon does trigger the certificate renewal.