Certificate expiry email

G_Lough · March 10, 2021, 4:10pm

Hello,

I have recently began receiving emails regarding an expiring certificate for my domain. I have been in touch with google and godaddy and I am still none the wiser about what I need to do. I have been using the domain for a long time now and this is the first time I have received such emails and I'm not sure what I need to do.
Can you help me please?

Please fill out the fields below so we can help you better. Note: you must provide your domain name to get help. Domain names for issued certificates are all made public in Certificate Transparency logs (e.g. crt.sh | example.com), so withholding your domain name here does not increase secrecy, but only makes it harder for us to provide help.

My domain is: www.garryloughlin.com

I ran this command:

It produced this output:

My web server is (include version):

The operating system my web server runs on is (include version):

My hosting provider, if applicable, is: godaddy/google

I can login to a root shell on my machine (yes or no, or I don't know): I don't know

I'm using a control panel to manage my site (no, or provide the name and version of the control panel):

The version of my client is (e.g. output of certbot --version or certbot-auto --version if you're using Certbot):

JuergenAuer · March 10, 2021, 5:12pm

Hi @G_Lough

your question is "a little bit incomplete".

Checking your domain you use a ZeroSSL certificate, not a Letsencrypt certificate.

Looks like you have used the older ZeroSSL (that has created a Letsencrypt certificate), now it's an own certificate. So your Letsencrypt certificate isn't renewed, that's the mail.

But the mail contains a link

that answers your complete question.

Please read these basics.

G_Lough · March 11, 2021, 5:24pm

Thank you Juergen,
I'm afraid this is all new to me and I have no idea about these certificates. I have been using this domain for years through google/godaddy and this has never come up. I'm still not sure what I need to do and godaddy can't give me any answers. From what I think I understand, this might be something that they should deal with on their end?

schoen · March 12, 2021, 8:20pm

Hi @G_Lough,

It seems that your site has switched certificate providers from Let's Encrypt to ZeroSSL (a different certificate authority). If you're not responsible for this, it was probably done for you by your web host.

Let's Encrypt always sends warnings by e-mail when certificates that it issued in the past are going to expire without having been replaced by a new Let's Encrypt certificate. It never attempts to check (and doesn't necessarily have a reliable way that it could check) if this is intentional because the old certificate has been replaced by a different one.

In your case, it appears that it is intentional that your hosting provider switched certificate issuers, which means that it's also intentional that the old certificate will expire without being replaced (by a new one from Let's Encrypt). But again, Let's Encrypt has no way to know whether this is intentional and just wanted to warn you in case it wasn't.

system · April 11, 2021, 8:20pm

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.