Can free and open source software projects like Caddy and Traefik eventually replace EFF’s Certbot? Although Certbot continues to be developed, we think tools like these help offer a promising path forward in the further development of a secure and encrypted web. For some users, tools like these...
Certbot is supposed to automatically renew certificates. It doesn’t do that reliably in my experience.
We use it on non-critical systems and every few months I need to go in and fix things… that never happens with traditional certificates - those are setup and forget.
As for the exact problems, I don’t think we’ve ever had the same problem twice. It’s always a once off thing but it’s still an hour of wasted time each and every time. If it happened on a proper production system it’d be a lot more than an hour, since whatever change is made would need a full gamut of testing / reporting / etc.