Concurrent certificate creations? #17

Open
Olivier-Boudeville opened this issue Aug 13, 2020 · 2 comments

@Olivier-Boudeville

Is it possible, once letsencrypt is started, to issue multiple, concurrent certificate creation requests?
(the use case is for a webserver hosting multiple virtual hosts to request at start-up, and then regularly, the corresponding certificates)

I may be wrong, but I have a set of (Erlang) processes requesting (in a synchronous manner) each a certificate for a given domain (they each run letsencrypt:make_cert( FQDN, #{ async => false }) with their own FQDN), and apparently the gen_fsm requests 'create' but receives 'pending', presumably from another parallel attempt.

If it is not currently possible with a single letsencrypt instance, maybe multiple letsencrypt:start/1 could be executed concurrently? Otherwise, would it be just a limitation of the current letsencrypt-erlang, or one of the Let's Encrypt solution itself?

Thanks in advance for any hint!

@Olivier-Boudeville

Olivier-Boudeville commented Aug 13, 2020

(my best bet is that currently it would be possible to start letsencrypt multiple times if the gen_fsm was referenced directly through its PID instead of through {global, ?MODULE} lookups, yet other constraints may apply - maybe opening special ports - that would prevent such a parallel mode of operation)

BTW, firewall-wise, is the only constraint that TCP port #80 is available from the Let's Encrypt server? (I guess this would mean letsencrypt contacts them by itself, from an arbitrary TCP port, rather than the other way round)

@Olivier-Boudeville

To reply to myself: I made a larger fork of your library (thanks!) and performed all the improvements I needed, see https://github.com/Olivier-Boudeville/Ceylan-LEEC (of course a pull request to this upstream origin could be done, yet the amount of differences is rather huge)
