this post was submitted on 05 Jan 2026
333 points (99.4% liked)
PC Gaming
14642 readers
719 users here now
For PC gaming news and discussion. PCGamingWiki
Rules:
- Be Respectful.
- No Spam or Porn.
- No Advertising.
- No Memes.
- No Tech Support.
- No questions about buying/building computers.
- No game suggestions, friend requests, surveys, or begging.
- No Let's Plays, streams, highlight reels/montages, random videos or shorts.
- No off-topic posts/comments, within reason.
- Use the original source, no clickbait titles, no duplicates. (Submissions should be from the original source if possible, unless from paywalled or non-english sources. If the title is clickbait or lacks context you may lightly edit the title.)
founded 2 years ago
MODERATORS
you are viewing a single comment's thread
view the rest of the comments
view the rest of the comments
The problem sometimes is the automation failing for some reason.
Have you had Certbot or LE fail on prod for you before?
I’m sure stuff happens, but I usually view them as one of the most robust moving parts on a server.
E: I don’t mean to express disbelief at all; just curious to learn about possible footguns.
Certbot / LE has to be running on some machine and that machine can be accidentally turned off, payments not fulfilled, was supposed to be moved but the new instance doesn't work, gateway configuration changed, etc.
Automation requires maintenance and that introduces human error
Certbot/LE should typically be running on the box that's terminating TLS for you, right? If the box handling your traffic is down, shouldn't that be a self-evident problem?
I've been running Caddy and certbot for nearly a decade and never found a way for them to break without it being 100% my fault. They're more or less self-healing too. I'm with AmbiguousProps; cert renewals have been pretty damn reliable to automate compared to any other piece of tech, IME.