Hi all,
Does anyone know, in case of a renewaal failure, how often and in which intervall the software tries to renew the certificate before it sends a notification?
My idea is to open the firewall every day for a specific duration which is longer than this retry intervall every day so that the renewal can be done within this timeframe.
No, there is no specific time. Renewals start off hourly (from the time the service was first started, not on the hour) then if the fail they gradually back off until it’s once every 48 hrs.
Are you opening port 80 for http validation, or are you opening the firewall for outgoing https (API calls).
If you don’t have a webserver listening on port 80 there is very little need to block port 80 normally, but if you need to do that then I’d suggest using DNS validation instead of http validation as it will be simpler in the long term.