I didn't know acme.sh would exit if a renewal isn't necessary. I just figured if the cert is valid for 3 months, renewing every 2 months is a good balance between regular renewals and not spamming LEs servers for no good reason.
They’ve thought of that! iIt won’t connect to the LetsEncrypt servers if the renewal isn’t due.
It’s a really cool shell script.
I actually have quite a few machines on the network requesting certs, a mixture of Caddy servers and other servers where acme.sh is easy to deploy, can really recommend caddy and it’s well worth taking a look at, I run 2 caddy servers, one which is only internally accessible on the network and the other which is externally accessible, means I don’t need the DNS records for my internal server to be on Cloudflare.
I actually learned that acme.sh has some other features which I could use to simplify some of my usage cases from your post, going to investigate and see if I can clean up a few little bits here and there.