We have Caddy with consul storage for certificates.
I have noticed in the logs that Caddy is trying to renew certificates which i have deleted from the Consul storage and from the Caddy config (updated via /load API).
{"level":"info","ts":1623858901.8527253,"logger":"tls.cache.maintenance","msg":"attempting certificate renewal","identifiers":["img.domain.eu"],"remaining":1440843.147277408}
{"level":"error","ts":1623861330.5041435,"logger":"tls.renew","msg":"will retry","error":"key caddytls/certificates/acme.zerossl.com-v2-dv90/img.domain.eu/img.domain.eu.crt does not exist","attempt":7,"retrying_in":1200,"elapsed":2428.2326516,"max_duration":2592000}
When caddy was started the domain WAS listed in tls.automation.policies.subjects
.
After i have deleted the certificate from Consul storage i have updated the CADDY config via /load API and also removed the domain.
Even so that there is no reference to the deleted domain + certificate, caddy still tries to renew it.
Restarting caddy fixed it but it’s not something we want to do.
Any other suggested fix ?
Should i open an issue on Github ?