Add hook or configurable cool off when generation fails #20
Labels
Comments
|
@fffonion would you be happy to accept an MR on this? Do you have any thoughts either way? |
|
@cdloh Yes PRs are welcomed! I recently developed a similar feature in Kong ACME plugin (https://github.com/Kong/kong-plugin-acme/blob/master/kong/plugins/acme/client.lua#L229). I think for now a per domain cool down time will be sufficient as that's most people hit rate limit with. Basically you configure a backoff time (like 5 minutes), and remember that on a per domain basis in the storage. |
This was referenced Jan 12, 2021
1 task
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Would it be possible to add a hook or something along those lines for a user supplied function for when certification generation fails.
The problem I'm trying to solve is that the application that sits behind openresty is configurable to have any user supplied domain. We then gather those domains and add them to the whitelist used by resty acme.
However there are times that those domains either aren't publicly available or resolvable.
My thoughts are that if we had a user configurable function that could be used on certification creation failure user supplied code could then handle these situations, or adding a configurable cool down period so that acme doesn't keep trying to generate a failed certificate.
The text was updated successfully, but these errors were encountered: