Certificate is Valid but expiry email is still being sent saying domain expires

Hi!

I keep receiving emails about our domain expiring. Last email was received less an than hour ago and stated domain will expire in 0 days.

When you visit our website example.com the certificate is valid and expires in February, so not sure which one is which?

We use https://github.com/JrCs/docker-letsencrypt-nginx-proxy-companion for our certificate renewal.

Here’s the email:

Hello,

Your certificate (or certificates) for the names listed below will expire in
0 days (on 03 Dec 17 13:19 +0000). Please make sure to renew
your certificate before then, or visitors to your website will encounter errors.

example.com

Thank you!

The mail should also contain an explanation about the mailer still mailing if you got a certificate containing a different set of hostnames.

The mailer doesn’t know you don’t need the old one any longer.

2 Likes

You are quite right. For so long, never managed to read it all the way down.

The email does indeed include this further down

In particular, note
that this reminder email is still sent if you’ve obtained a slightly
different certificate by adding or removing names. If you’ve replaced
this certificate with a newer one that covers more or fewer names than
the list above, you may be able to ignore this message.

Thank you!

1 Like

Ah, ok, so even though I’m getting the email, so long as certbot says everything is ok (certbot renew says all certs are fine), and a check on the certificate itself in the browser says it doesn’t expire until beginning of February, I can relax and stop panicking. Thank you!

That’s most likely correct. Most of the time, such e-mails are sent a few weeks short of 90 days after a period of experimenting/starting with Let’s Encrypt.

If you’re certain certbot certificates says everything isn’t close to expiry and all sites run with the most recent certificates, chances are the next round of renewals you won’t get any e-mail at all. Unless something actually is wrong of course :stuck_out_tongue:

Yep; shortest is valid 57 days, longest is valid 82 days. I admit the email saying I had nine days before expiry kinda shook me up a bit, but after reading this and doing a manual renew I relaxed. And you’re right, it was probably roughly three months ago I worked in earnest to set up certificates; now I have a bunch of sites on that server happily using https.

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.