When does Caddy refresh certificates retrieved from acme provider?

1. The problem I’m having:

Just a technical question, not a problem, but this forum enforces categories and using their templates.

The Question: When does Caddy refresh certificates retrieved from an acme provider such as certs4all?

Does it automatically refresh the certificate and the cert/key file before expiry, or does it check (and refresh if needed) only when a caddy web page using this certificate is actually used?

In other words: Can I reliably use caddy’s key/certificate files from other programs for their TLS configurations, or is it possible that the certificate expires without being refreshed just because nobody accessed the web page caddy itself uses the cert for?

2. Error messages and/or full log output:

No error, no logs, just a question.

PASTE OVER THIS, BETWEEN THE ``` LINES.
Please use the preview pane to ensure it looks nice.

3. Caddy version:

latest

4. How I installed and ran Caddy:

a. System environment:

b. Command:

PASTE OVER THIS, BETWEEN THE ``` LINES.
Please use the preview pane to ensure it looks nice.

c. Service/unit/compose file:

PASTE OVER THIS, BETWEEN THE ``` LINES.
Please use the preview pane to ensure it looks nice.

d. My complete Caddy config:

PASTE OVER THIS, BETWEEN THE ``` LINES.
Please use the preview pane to ensure it looks nice.

5. Links to relevant resources:

Hey, sorry, you can use the General category for general questions. There is no template for that category.

Caddy renews certificates once they’re about 2/3 into their validity period, i.e. when 1/3 of their lifetime is left.

Caddy will proactively renew any cert it is managing.

Caddy will renew certificates it is managing, but it doesn’t do anything with other programs, like reloading the certificates for them, etc. You can use this plugin to run commands when Caddy renews certificates.