One of my side projects experienced downtime due to an expired SSL certificate. Here’s what happened and how I resolved it.

I host my project on fly.io and followed the official docs to set up the certificates 3 months ago. The other day I started receiving SSL Handshake Failed errors.

To fix the issue, I ran the following commands:

flyctl certs delete fedidevs.com
flyctl certs create fedidevs.com

Surprisingly, I had to delete the existing certificate before creating a new one, or else I encountered the following error:

Error: Hostname already exists on app

I have found a forum thread with others experiencing this same issue. According to a fly.io employee post the certificates should auto-renew 30 days before expiration, but they did have a bug that prevented certificates from renewing. Did this bug regress?

Despite having the A/AAAA records correctly set, my site didn’t auto-renew. I’ve now added the CNAME record to my DNS settings hoping that this will fix the problem, but I’ll have to wait until September to know for sure. 🤞