Expiration notice for domain not due to expire?

Please fill out the fields below so we can help you better. Note: you must provide your domain name to get help. Domain names for issued certificates are all made public in Certificate Transparency logs (e.g. https://crt.sh/?q=example.com), so withholding your domain name here does not increase secrecy, but only makes it harder for us to provide help.

My domain is:
rural.net.au

I ran this command:

/usr/local/bin/certbot renew --pre-hook “apachectl graceful-stop” --post-hook “apachectl start”

It produced this output:
Saving debug log to /var/log/letsencrypt/letsencrypt.log


Processing /usr/local/etc/letsencrypt/renewal/rural.net.au.conf


Cert not yet due for renewal


The following certs are not due for renewal yet:
/usr/local/etc/letsencrypt/live/rural.net.au/fullchain.pem expires on 2019-03-05 (skipped)
No renewals were attempted.
No hooks were run.


My web server is (include version):
Apache/2.4.35 (FreeBSD)

The operating system my web server runs on is (include version):
FreeBSD 11.2-RELEASE-p4

My hosting provider, if applicable, is:

I can login to a root shell on my machine (yes or no, or I don’t know):
yes.

I’m using a control panel to manage my site (no, or provide the name and version of the control panel):
no.

Additional: the reason for posting is that I have just received an email from letsencrypt saying:

“Your certificate (or certificates) for the names listed below will expire in 20 days (on 25 Jan 19 04:54 +0000). Please make sure to renew your certificate before then, or visitors to your website will encounter errors.”

So my question is why am I getting the notice, when certbot is saying the domain isn’t due to renew?

Usually it means there is a different certificate with a different combination of subdomains. You might have replaced or deleted it, or it might be installed on a different server you forgot about or something.

In this case, there’s an older certificate for only the name rural.net.au, while your newer certificate is for both rural.net.au and www.rural.net.au.

https://crt.sh/?id=895024528

If you’re not using the other certificate for anything, you can just ignore the emails.

Ahh, that would make sense. I (mistakenly) thought that the new cert would have invalidated the old one.
Thanks for the prompt response!

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.