Why are my Let's Encrypt certificates failing to provision on my development environments?

I’ve noticed that occasionally Let’s Encrypt certificates will fail to provision on some of my development environments.

The most recent example I have of this is when I’ve been working on the adding-emphemeral-redis branch of my project. They fail to provision on that branch, but not on any of my other environments.

In your case, I believe the issue is due to the length of the URLs that are being generated by Platform.sh based on the name of the branch.

Let’s Encrypt can only handle a maximum of 64 characters, and the full URL of your project PLATFORM_ENVIRONMENT-PLATFORM_PROJECT.REGION.platformsh.site probably puts you at 67 characters.

  • PLATFORM_ENVIRONMENT = PLATFORM_BRANCH + 7
  • PLATFORM_PROJECT = 13
  • REGION = 2-4
  • platformsh.site = 15
  • extra characters (. & -) = 4

Keep your branch names to under 20 characters going forwards and you should no longer have this issue.

1 Like