Disable Let's Encrypt certificate expiration notice for specific domains

The domain in question is: *.2-dev.roll.ravendb.cloud

It is a test domain that I created for some purpose and shortly removed afterward.
I really appreciate the expiration notices, but I’m managing a rather large number of domains, and users may remove them. At that point, I want to be able to tell LE that it shouldn’t worry about expiration notices for a particular domain.

Is there a way to do so?

1 Like

Hi @ayende

as I know, that’s not possible.

And it’s not really required. Checking your domain you have one certificate - https://check-your-website.server-daten.de/?q=2-dev.roll.ravendb.cloud#ct-logs

Issuer not before not after Domain names LE-Duplicate next LE
Let’s Encrypt Authority X3 2019-06-20 2019-09-18 *.2-dev.roll.ravendb.cloud
1 entries

So you will get two mails - 20 and 10 days before expiration.

Then it will stop.

I believe the only way to do this is to revoke every unexpired certificate that you don’t care to receive notifications about.

Revoked certificates are excluded from the Expiry Bot reminders.

1 Like

The actual issue is that all the subdomains under ravendb.cloud, not this particular one.

Is there any downside for revoking the certs when we tear down such a domain?
What happens if we’ll need to create it again, we can just re-generate the certificate, right?

There’s no downside to revoking, as long as you’re not using the certificate you’re revoking.

It doesn’t affect any other (past or future) certificates for any of the involved domains.

But more generally, I think it’s easier to just ignore the unwanted email notifications.

Or you can unsubscribe entirely from the Let’s Encrypt Expiry Bot and instead use an external monitoring service which can warn about upcoming expiration as part of its uptime monitoring. It doesn’t have false positives and ensures that your renewed certificates are actually being used by your webserver. That’s always been my preference - Uptime Robot is good value for that, and perhaps Cert Spotter as well.

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.