The current letsencrypt.sh script allows us to add alternate names into a ca.san_config file to obtain a cert for multiple domains, which is useful for all the shared domains running off the server IP, especially for mail, since SNI isn't universally supported yet.
However, if something goes wrong with the LE verification, e.g. "Internal Server Error" from LE, the script stops. This is rather painful if you are, like, at the 48th domain in a 50-domain list. Unfortunately, this appears to happen relatively often and randomly, making it close to impossible to get a cert containing more than 30 or so SAN domains. So it would be great if the letsencrypt.sh script could at least retry once per domain instead of exiting directly.
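A sketch of the per-domain retry requested above, added here as an example and not taken from letsencrypt.sh itself. The function names, the `MAX_RETRIES` and `RETRY_DELAY` variables and the simulated `validate_domain` responses are assumptions; only server-side (5xx) errors such as "Internal Server Error" are retried, and failed names are collected instead of aborting the run.

```shell
#!/bin/sh
# Constructed stand-in for the script's per-domain verification call (hypothetical).
# It prints the HTTP status the CA returned for the name; responses are simulated.
ATTEMPT_LOG=$(mktemp)
validate_domain() {
    echo "$1" >> "$ATTEMPT_LOG"
    tries=$(grep -c -x -F "$1" "$ATTEMPT_LOG")
    case "$1" in
        flaky.example.com)  if [ "$tries" -ge 2 ]; then echo 200; else echo 500; fi ;;
        down.example.com)   echo 503 ;;
        denied.example.com) echo 403 ;;
        *)                  echo 200 ;;
    esac
}

# Returns 0 on success, 1 on a permanent (non-5xx) failure, and 2 when the CA
# still answers 5xx after MAX_RETRIES retries (default: one retry per domain).
validate_with_retry() {
    domain=$1
    max_retries=${MAX_RETRIES:-1}
    attempt=0
    while :; do
        code=$(validate_domain "$domain")
        case "$code" in
            2??) return 0 ;;
            5??) if [ "$attempt" -ge "$max_retries" ]; then return 2; fi
                 attempt=$((attempt + 1))
                 sleep "${RETRY_DELAY:-5}" ;;   # give the CA time to recover
            *)   return 1 ;;                    # 4xx: retrying will not help
        esac
    done
}

# Verify every name, continue past failures, and print the names that failed so
# that one bad name near the end of the list does not discard the earlier work.
validate_all() {
    failed=""
    for d in "$@"; do
        validate_with_retry "$d" || failed="$failed $d"
    done
    echo "${failed# }"
}
```

Calling `validate_all` with the SAN list prints only the names that could not be verified, which can then be dropped from the request or re-run on their own.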