While most Caddy users get up and running pretty quickly, quite a few of you run experimental setups or have to tinker with your infrastructure or configuration to get it just right in some cases.
When you’re running “disposable” Caddy instances or are trying to get just the right setup, be sure to use Let’s Encrypt’s staging endpoint or you may hit rate limits, making it impossible for Caddy to get a certificate for your hostname for up to a week.
Simply run Caddy with the -ca flag, specifying Let’s Encrypt’s staging endpoint. It issues fake certificates but the rate limits are negligible. (By default, Caddy will use their production endpoint which issues real certificates.)
For those wondering or if you’re looking for more information, this is documented at Automatic HTTPS — Caddy Documentation. But again, most users won’t need to think/worry about this.
Hi @nodesocket, I’ve seen this happen sometimes after Caddy is interrupted ungracefully during a specific stage of requisitioning certificates. Caddy uses file locks to facilitate certificate validation in fleet configurations. While a file lock is in place, the Caddy instance doing startup certificate maintenance assumes another instance is in the middle of an ACME challenge, so it waits.