traefik schedules ACME Certificate Renewals starting 30 days before certificate expiry:
For cert life-times of 1 yr, this seem reasonable, but with cert expiry scheduled to be reduced to 100 days next year, and 47 days the year after, the effective lifetime of each cert will be down to 17 days. Should a feature request to make the 30 day trigger configurable be issued - or am I missing something??
Since you specifically mention LetsEncrypt… their certificates ARE only 90 days, now. And 30 days for renewal seems reasonable. I’m not sure there needs to be a change. How is even a 17-day lifespan a problem?
Traefik uses the go-acme library to handle LetsEncrypt. At least one developer works on Traefik and the library, so everything should be ready to go, when LetsEncrypt shortens the cert lifespans.