Domain expiration e-mail, despite successful renewal

Surprisingly Certbot managed to renew my wildcard domain * even though Certbot is not supposed to be able to do that !?

Both Chrome, Firefox and Curl seems to agree that it has been renewed.

I checked Certbot log files and it looks like the certificate was renewed successfully.

Also on* it looks like it’s renewed.

But yet I got this e-mail:

Your certificate (or certificates) for the names listed below will expire in 19 days (on 27 Nov 18 11:27 +0000).


(The e-mail doesn’t seem to be from staging)

So can anyone confirm that both * and has been renwed, or is it only that has been renwed !?

Why did I get this e-mail ? And what will happen on 27 Nov :smiley:

Hi @zeta

checking your domain:;include_subdomains:true; Let's Encrypt Authority X3 2 03.11.2018 01.02.2019 1 Details ansehen Let's Encrypt Authority X3 2 04.09.2018 03.12.2018 1 Details ansehen
* Let's Encrypt Authority X3 1 29.08.2018 27.11.2018 1 Details ansehen Let's Encrypt Authority X3 2 03.11.2018 01.02.2019 4 Details ansehen

You are using a certificate with two names. But you had created one certificate with one domain name.

This ends 2018-011-27.

You don't need that, so so didn't renew it. But Letsencrypt can't know you don't use this -> so a mail is sent.

--> ignore the mail.

Thank you @JuergenAuer I in fact did create one certificate, then shortly after realized I wanted both the wildcard and plain in one certificate. It does make sense now!

1 Like

Non-ancient versions of Certbot can automatically renew wildcard certificates if you have a DNS provider API or DNS update script configured. :slight_smile:

@schoen I guess ancient here means a few months :wink:

Using “–preferred-challenges dns” and “–manual-auth-hook=…” and “–manual-cleanup-hook=” when registering - seems to have done the trick, using certbot 0.26.1.

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.