Expand description
Background renewal task for STAR certificates (RFC 8739).
Spawns a tokio task that checks every 60 seconds for STAR orders with certificates approaching expiry. When a certificate needs renewal, the task pre-generates the next certificate in the series via the CA subsystem and stores it for client retrieval.
The renewal threshold is configurable via pre_renewal_factor in
[star] config. For example, with a 24-hour interval and factor
0.5, renewal happens when 12 hours remain on the current certificate.
Failures are handled gracefully — a failed renewal is retried on the
next 60-second cycle. The task respects max_renewals limits and
marks orders as Completed when the series is exhausted.
Functions§
- spawn_
renewal_ task - Spawn the background STAR certificate renewal task.