On 2018-03-19, Markus Rosjat <ros...@ghweb.de> wrote: > Hi, > >> acme-client can only validate an authorization that way. >> >> but for a forced renewal for something that's already active, there's >> likely to already be a validated authorization on the letsencrypt account, >> in which case it wouldn't need to revalidate. >> > > I did a forced renew after I got a valid certificate and stoped the > httpd before I did the forced renew
If you need to force a renewal it means the certificate isn't that old in the first place and very likely to be in the window in which you already have a valid authorization. > I will do the suggested changes to the config and keep an eye on it. Just place a file in the .well-known/acme-challenge directory and make sure you can fetch it. Then you don't have to wait for a possible failure sometime in the future when you're not thinking about it.