Dynamic renewal timing #650

New Issue

adam · 2025-12-29T01:28:11+01:00

adam commented

2025-12-29 01:28:11 +01:00

Originally created by @tw- on GitHub (Dec 9, 2025).

Hello,
We are using several CAs with different profiles. As a result, the validity periods of the certificates vary (6–365 days), meaning that a general configuration in days is not sufficient. In addition, the validity periods of the certificates will be shortened in the near future, meaning that a configuration in days that is suitable today will no longer be suitable tomorrow – and so the configuration would have to be adjusted despite automation.
Let's Encrypt recommends renewing certificates after about 2/3 of their term. This works for both 6-day and 365-day terms today, and it will also work if the terms are adjusted automatically.
Would it be possible to include such a configuration option?
Thank you!
Best regards
tw-

Originally created by @tw- on GitHub (Dec 9, 2025). Hello, We are using several CAs with different profiles. As a result, the validity periods of the certificates vary (6–365 days), meaning that a general configuration in days is not sufficient. In addition, the validity periods of the certificates will be shortened in the near future, meaning that a configuration in days that is suitable today will no longer be suitable tomorrow – and so the configuration would have to be adjusted despite automation. Let's Encrypt recommends renewing certificates after about 2/3 of their term. This works for both 6-day and 365-day terms today, and it will also work if the terms are adjusted automatically. Would it be possible to include such a configuration option? Thank you! Best regards tw-

Sign in to join this conversation.

1 Participants

Notifications

Due Date

No due date set.

Dependencies

No dependencies set.

Reference: starred/dehydrated#650