Zappa: 'certify' doesn't update existing certificates

Somewhere, a regression was introduced, I think this was from a PR that I was iffy about.

Repro: Certify on a new name

Calling certify for environment prod..
Certifying domain blah.yourname.io..
Setting DNS challenge..
Waiting for DNS to propagate..
Deleting DNS challenge..
Updating domain name!
Certificate updated!

Go to domain, old cert still in production.

About this issue

  • Original URL
  • State: closed
  • Created 7 years ago
  • Comments: 41 (23 by maintainers)

Most upvoted comments

So I just tried my proposed solution up there ^, expecting a between 0 and 40 minute downtime, and it seems like the change is in fact instantaneous. So, it’s not as elegant as actually rotating the certificate, but the damage isn’t as bad as I imagined. <1 minute * 4 times a year - that’s still quite a lot of 9’s of uptime.

+1
Miserlou on Mar 3, 2017
Read more comments on GitHub
← Zappa: bad magic number in 'application': b'\x03\xf3\r\n': ImportError
zappa-django-utils: s3sqlite OperationalError →