DRONE_TLS_AUTOCERT not caching cert

I am using v1.10.1 and I have the following configuration:

    image: <my_drone_server_image>
      - 80:80
      - 443:443
      - /var/lib/drone/drone.key:/var/lib/drone/drone.key
      - /var/lib/drone/data:/data
    restart: always
      - postgres
    env_file: drone-server.env
      - DRONE_GITHUB_SERVER=https://github.com
      - DRONE_LICENSE=/var/lib/drone/drone.key
      - DRONE_SERVER_HOST=<my_domain_name>
      - DRONE_SERVER_PROTO=https
      - DRONE_USER_FILTER=<redacted>
      - DRONE_USER_CREATE=<redacted>
      - DRONE_LOGS_TRACE=true
      - DRONE_DATABASE_DRIVER=postgres

When I first run the drone-server, everything starts up fine and I’m able to navigate using my browser to drone.

However, on restart, it hangs for a while, and then eventually I’ll get an ERR_SSL_PROTOCOL_ERROR in the browser. Tailing the logs I get:

  "level":"info","msg":"starting the http server",

Followed by

http: TLS handshake error from ...  urn:ietf:params:acme:error:rateLimited: Error creating new order :: too many certificates already issued for exact set of domains: <my_domain_name>: see https://letsencrypt.org/docs/rate-limits/

And an endless number of TLS handshake error messages.

It appears that drone isn’t using the cached certs even though they are on a persistent volume and they exist. See below:

tree /var/lib/drone/
├── data
│   └── golang-autocert
│       ├── acme_account+key
│       ├── <my_domain_name>
│       └── <my_domain_name>+rsa
├── drone.key

Any help is greatly appreciated. Thank you!

I just tested and was unable to reproduce the problem. We use the official acme package from the Go team, which handles reading from and writing to the cache (https://github.com/golang/crypto/tree/master/acme/autocert). We also use this feature at Drone cloud and have not experienced any issues with SSL errors on restart.