Please fill out the fields below so we can help you better. Note: you must provide your domain name to get help. Domain names for issued certificates are all made public in Certificate Transparency logs (e.g. https://crt.sh/?q=example.com), so withholding your domain name here does not increase secrecy, but only makes it harder for us to provide help.
My domain is: eks-dashboard.k8.myotp.rocks
The operating system my web server runs on is (include version): linux
My hosting provider, if applicable, is: AWS, managed Kubernetes
Received an email:
You issued a testing cert (not a live one) from Let’s Encrypt staging environment. This mail takes the place of what would normally be a renewal reminder, but instead is demonstrating delivery of renewal notices. Have a nice day!
We recommend renewing certificates automatically when they have a third of their
total lifetime left. For Let’s Encrypt’s current 90-day certificates, that means
renewing 30 days before expiration. See https://letsencrypt.org/docs/integration-guide/ for details.
Details:
DNS Names: eks-dashboard.k8.myotp.rocks
Expiration Date: 13 Sep 20 06:18 +0000)
Days to Expiration: 20
My Kube Chart configuration is using letsencrypt-prod setup.
If you added an email address to your staging account, then you will receive renewal reminders for staging certificates.
This is irrespective of whether you have certificates in production, or not. It’s totally independent.
When e.g. Certbot uses the staging server via --dry-run, it does not register an email address. As a result, typically, users do not receive renewal emails about staging certificates.
I’m not sure what your k8s ACME client does, but if it’s cert-manager, you could use a separate email address for the staging issuer, and then unsubscribe from those emails. Or just not provide an email address for the staging issuer, if possible.