Tootfinder

Opt-in global Mastodon full text search. Join the index!

@x_cli@infosec.exchange
2024-09-25 08:17:22

Question about #Caddy: Does the acme_server db increase in size until disk saturation or is there a pruning mechanism somewhere to delete expired certificates?
I could not find any option regarding pruning, in the Caddyfile config, nor in the JSON config, and I failed to spot any in the source code...
I have a db file still containing certificates that are several months old. The db file was stored in a volume with very limited size and the db ended up filling it entirely (> 100MB) for 20 ACME clients. Chaos ensued.
#infosec #acme #devops