Migrating letsencrypt setup from one caddy instance to another

I have a caddy 0.10.3 instance working in a VM, using letsencrypt automatic tls.
I have a new VM with caddy 0.10.13 on it… Can I migrate the config over? or did the version change break things? and if I can, which folders do I need to move?

Thanks a lot.

First, upgrade to 0.10.14, since 0.10.13 can’t obtain certificates. :no_mouth: (oops)

You’ll have to obtain all new certificates anyway, since at 0.10.12, we switched to Let’s Encrypt’s ACMEv2 endpoint, which has a different format for metadata and slightly different account-bookkeeping requirements/flow. Basically, just run Caddy in your new instance and it will obtain certificates as usual. As usual, make sure to use the -agree flag in automated environments.

If we hadn’t made the jump to a new ACME version, you could have just moved the $HOME/.caddy folder over to your new instance and it would have picked it up and worked just fine. You can still do that after upgrading to ACMEv2 with Caddy 0.10.14.

Thanks Matt. I installed 0.10.14. I restarted with an empty /etc/ssl/caddy/, used for letencypt… my config file only has two websites… but when it starts it fails with:

failed to get certificate: acme: Error 429 - urn:ietf:params:acme:error:rateLimited - Error finalizing order :: too many certificates already issued for exact set of domains

I move my public IP address from old working VM, to new VM, before starting the caddy instance. Why would the new one have issues the old one does not have, with letsencypt rate limits?

You’ll have to wait for the rate limits to expire (about 7 days) before you can get certificates for those domain names. In the future, always use the Let’s Encrypt staging endpoint when testing, as documented: Automatic HTTPS — Caddy Documentation

OK. Thanks a lot.

This topic was automatically closed 90 days after the last reply. New replies are no longer allowed.