api-certs directory should be mounted as a volume #125

New issue

Open

opened 2026-03-13 15:51:28 +03:00 by kerem · 1 comment

kerem commented

2026-03-13 15:51:28 +03:00

Owner

Originally created by @fqqdk on GitHub (Dec 6, 2020).
Original GitHub issue: https://github.com/acme-dns/acme-dns/issues/249

I found out during experimentation (lots of restarts, new container creation, etc) that the certificates that acme-dns retrieves for its own API endpoint should be reused, so letsencrypt doesn't rate limit your IP. While I know that during experimentation one should use LE staging api (which is one way to avoid rate limits), it seems that one can benefit from persisting the certificates even in a production setup.

I propose that the documentation reflect this and make it explicit that the /root/api-certs directory is to be mounted as a volume.

Originally created by @fqqdk on GitHub (Dec 6, 2020). Original GitHub issue: https://github.com/acme-dns/acme-dns/issues/249 I found out during experimentation (lots of restarts, new container creation, etc) that the certificates that acme-dns retrieves for its own API endpoint should be reused, so letsencrypt doesn't rate limit your IP. While I know that during experimentation one should use LE staging api (which is one way to avoid rate limits), it seems that one can benefit from persisting the certificates even in a production setup. I propose that the documentation reflect this and make it explicit that the /root/api-certs directory is to be mounted as a volume.

kerem commented

2026-03-13 15:51:33 +03:00

Author

Owner

@nogaff commented on GitHub (Jun 28, 2021):

I've just run into this issue myself.

I was attempting to migrate my acme-dns deployment from a full VM to a Docker container and I had everything working great, but then I was tweaking some settings and restarted my container a few times, only to find that it had hit Let's Encrypt's duplicate certificate limit of 5 requests per week and the container was now stopping itself because Let's Encrypt wouldn't issue a 6th certificate.

I tried adding a volume for /root/api-certs and copying that directory from my original VM, but the container just ignores it and keeps requesting a new certificate on startup, then stops again due to the rate limit.

I seemingly have no choice but to wait a whole week until the rate limit resets...

@nogaff commented on GitHub (Jun 28, 2021): I've just run into this issue myself. I was attempting to migrate my acme-dns deployment from a full VM to a Docker container and I had everything working great, but then I was tweaking some settings and restarted my container a few times, only to find that it had hit Let's Encrypt's duplicate certificate limit of 5 requests per week and the container was now stopping itself because Let's Encrypt wouldn't issue a 6th certificate. I tried adding a volume for /root/api-certs and copying that directory from my original VM, but the container just ignores it and keeps requesting a new certificate on startup, then stops again due to the rate limit. I seemingly have no choice but to wait a whole week until the rate limit resets...