Certificate will expire in 20 day but is valid for 56 days


#1

Hi,
today I got an email by your lets encrypt expiry bot that informed me that one of my certificate will expire in 20 days for the domain mail.level5.de. When I checked it with the command “certbot certificates” on the server I can see that the certificate which includes the domain mail.level5.de is valid for 56 days.

A few weeks ago I changed the server of that domain. To get a new certificate I deleted the certificate on the old server first (certbot delete). Then I assigned the ip-address of the new server to the affected domain. After that I could create the new certificate on the new server without any problems.

But now the difference is that on the new server the domain is included in a certificate with other domains and it is not the name of the certificate any more. On the old server the domain was included in a certificate without any other domain.

Could this be the problem? Can I just ignore the message, because the certificate will be renewed in 16 days on the new server?


#2

Hi @ThomasB

you have two certificates with mail.level5.de

https://transparencyreport.google.com/https/certificates?cert_search_auth=&cert_search_cert=&cert_search=include_expired:false;include_subdomains:false;domain:mail.level5.de&lu=cert_search

The older

https://transparencyreport.google.com/https/certificates/v1xjkJnoswXfZz9RVijE1asc14RN0RgGE0GzkUcRx0k%3D

is from 2018-05-14, so this produces the mail.

The newer

https://transparencyreport.google.com/https/certificates/gq2uQvvd4icrFtkx%2FsxunF7udIvLXSwyObhQxYyg%2BCE%3D

has a lot of domain names, it’s from 2018-06-16.

So you can ignore the mail. Certbot delete doesn’t delete the information on Letsencrypt, it is only a local operation.


#3

Ok! Thank you for the link for searching :sunny:


#4

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.