[Discuss] Contract work: Straightening out expired SSL certs for a client

[Dan Ritter]

david at thekramers.net wrote: 
> I'm doing some Agile Coaching for a medical device startup in
> Cambridge.  I'm also trying to get some their IT straightened out.  The
> current problem is their continuous build system, where Jenkins
> automatically builds software committed to bitbucket and places the
> artifacts in shared storage.  Bitbucket notifies Jenkins when repos are
> updated, but Jenkins can't pull the repo from bitbucket over ssh.
> 
> We are 99% positive this is because the SSL certs expired and it stopped
> working that very day, but the way it was set up is a bit beyond my
> capabilities.  We tried the directions to renew the certs and it said we
> went over some retry threshhold and would not let us try to renew it
> again.  I've done a few hours of discovery work but not positive how to
> fix the problem.
> 
> They're using letsencrypt SSL certs, and the chain of software is:

Let's Encrypt has a rate limit for how fast it will issue new
certs. You exceeded that in testing.

They have a unlimited-rate test server that you should use for
testing.

https://letsencrypt.org/docs/rate-limits/

https://letsencrypt.org/docs/staging-environment/

-dsr-