I have many servers running certbot for the same domain / cert.
I receive alerts saying that a domain cert is expiring, but it does not tell me which specific host / server this cert is hosted on.
How can I find out, which hosts have expiring / expired certs other than by logging into each one and manually checking for each host.
I tried running certbot certificates, but that only appears to list the certs for that specific host and not all certs issued under my account
@crankshaft welcome to the community!
Let'sencrypt cannot know about where are you using a given certificate, or even using it at all. Unfortunately you have to verify on each places.
Independently of the previous, better practice to have one certificate only for the same set of domains, and distribute that to all your systems.
@bruncsak - thanks for confirming that and for your welcome message
How many? Because you are only allowed five certs with the identical set of names per week per account.
To circumvent this rate limit, one could add a specific hostname for that specific host (e.g.
host42.amsterdam.nl.example.com or whatever). And you'd have the ID for the server of that certificate automatically! Win-win.
Agree that would be one way to deal with it. But if they really have that many server instances using the same cert names they would be better off acquiring the cert in a dedicated instance and distributing it as already suggested by @bruncsak
This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.