Please fill out the fields below so we can help you better. Note: you must provide your domain name to get help. Domain names for issued certificates are all made public in Certificate Transparency logs (e.g. crt.sh | example.com), so withholding your domain name here does not increase secrecy, but only makes it harder for us to provide help.
My domain is: voxberg.se
I ran this command: Proxmox Cert renewal
It produced this output:
So it shouldn't expire until september.
If I read the recommended posts right this has been an issue since 2016, but for me it only started happen last year.
Do I need to be worried or should I go with what the Proxmox panel tells me?
Read the email very closely and see if something changed about the certificate that you have right now and in the one from the past.
We consider a certificate to be renewed if there is a newer certificate with the exact same set of names, regardless of which account created it. If you’ve issued a new certificate that adds or removes a name relative to your old certificate, you will get expiration email about your old certificate.
— Expiration Emails - Let's Encrypt (emphasis mine)
Specifically, your older certs had the domain name
proxmox.voxberg.se in it. Your latest does not
Yeah, but they haven't had that for several renewals.
That was way more helpful than the e-mail that Let's Encrypt sends.
How did you get that list?
That's a private tool I created that searches the censys.io system
There are many tools that display the public CT logs. One is
and another is
https://crt.sh which is mentioned here
@_az How do you get such fast and reliable replies from crt.sh there?
Manually written query against the crt.sh
certwatch Postgresql database at
This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.