Is there a supported way to run renewal + deployment tasks only during a maintenance window?

Hi all,

We have several certificates managed in Certify The Web with the following deployment chain configured per cert:

1. Certify renews the certificate.
2. A deployment task exports the cert to a specific directory.
3. A follow-up task runs a PowerShell script that calls an API to update the cert in the consuming application.

Everything works, but we need the entire chain to fire only during our maintenance window - not at whatever time the renewal happens to come due.

What I’m trying to figure out:

1. Is there a supported, built-in way to constrain a managed certificate’s renewal and deployment tasks to a specific day/time window (e.g., Saturday 02:00–04:00)?
2. If not, what workarounds do people use? The obvious one is a pre-task script that loops/sleeps until the maintenance window, but I’ve seen mentions on the forum that holding a deployment open like that can leave the process stale and may interfere with other certificate automations on the same instance. So I’d rather not go down that path unless that concern is outdated or there’s a clean way to do it.

Any guidance — official or from people running similar setups in production — would be appreciated. Thanks!

Hi,

Version 7.x onwards has a new Maintenance Window feature where you can declare a global maintenance window or set one specifically for a given managed certificate etc.

However, you mentioned exporting the cert then a “follow-up task” runs, what triggers that and why would that not only occur during your preferred maintenance windows anyway? It’s common for people to export certs then have their own windows scheduled task to do more sophisticated scheduling etc.