I’ve just received an email from email@example.com saying that my certificate is set to run out in 9 days, however when I check the certificate expiry date for the site in my browser, it doesn’t seem to be set to expire until January 2020.
If your certificate is already renewed, we won’t send an expiry notice. We consider a certificate to be renewed if there is a newer certificate with the exact same set of names, regardless of which account created it. If you’ve issued a new certificate that adds or removes a name relative to your old certificate, you will get expiration email about your old certificate. If you check the certificate currently running on your website, and it shows the correct date, no further action is needed.
Is that the only choice…“one must be wrong”?
How about “neither” is wrong?
They could very well be talking about two (very similar but) different certs.
If you review the entries at: https://crt.sh/?q=www.christianheritagelondon.org
You will see that there was a cert issued on 2019-08-09 that will expire on 2019-11-07
If you dig a little further you should be able to confirm that the second cert is being used as a replacement for the first one. But they are both now valid and one will expire soon; and yet they don’t seem to be “exactly the same” - which is why the expiry bot contacted you (via email).
There is no clear and obvious way to know if the first cert is no longer being used anywhere.