Fail to autorenew domain

cert.sh doesn’t seem to be working at the moment, but this certificate is due to expire on 08/08/2018 - so I would expect auto-renew to kick in.

My domain is: portal.tgmgroup.net and I ran this command:

#!/bin/bash
PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
/usr/local/bin/certbot-auto --apache --no-self-upgrade renew

It produced this output:

-------------------------------------------------------------------------------
Processing /etc/letsencrypt/renewal/stage.adsfs.tgmg.cloud.conf
-------------------------------------------------------------------------------

-------------------------------------------------------------------------------
Processing /etc/letsencrypt/renewal/stage.api.usermanagement.tgmgroup.net.conf
-------------------------------------------------------------------------------

-------------------------------------------------------------------------------
Processing /etc/letsencrypt/renewal/cjbot.carecertificate.co.uk.conf
-------------------------------------------------------------------------------

-------------------------------------------------------------------------------
Processing /etc/letsencrypt/renewal/stage.api.assessment.tgmgroup.net.conf
-------------------------------------------------------------------------------

-------------------------------------------------------------------------------
Processing /etc/letsencrypt/renewal/portal.tgmgroup.net.conf
-------------------------------------------------------------------------------

-------------------------------------------------------------------------------
Processing
/etc/letsencrypt/renewal/unitedresponse.carecertificate.co.uk-0001.conf
-------------------------------------------------------------------------------

-------------------------------------------------------------------------------
Processing /etc/letsencrypt/renewal/unitedresponse.carecertificate.co.uk.conf
-------------------------------------------------------------------------------

-------------------------------------------------------------------------------
Processing /etc/letsencrypt/renewal/thegoodcaregroup.carecertificate.co.uk.conf
-------------------------------------------------------------------------------

-------------------------------------------------------------------------------
Processing /etc/letsencrypt/renewal/celebratorytimes.co.uk.conf
-------------------------------------------------------------------------------

-------------------------------------------------------------------------------
Processing /etc/letsencrypt/renewal/chatfuel.carecertificate.co.uk.conf
-------------------------------------------------------------------------------

-------------------------------------------------------------------------------
Processing /etc/letsencrypt/renewal/api.learninglink.tgmgroup.net.conf
-------------------------------------------------------------------------------

-------------------------------------------------------------------------------
Processing /etc/letsencrypt/renewal/api.reporting.tgmgroup.net.conf
-------------------------------------------------------------------------------

-------------------------------------------------------------------------------
Processing /etc/letsencrypt/renewal/stage.api.reporting.tgmgroup.net.conf
-------------------------------------------------------------------------------

-------------------------------------------------------------------------------
Processing /etc/letsencrypt/renewal/api.observations.tgmgroup.net.conf
-------------------------------------------------------------------------------

-------------------------------------------------------------------------------
Processing /etc/letsencrypt/renewal/api.usermanagement.tgmgroup.net.conf
-------------------------------------------------------------------------------

-------------------------------------------------------------------------------
Processing /etc/letsencrypt/renewal/stage.api.observations.tgmgroup.net.conf
-------------------------------------------------------------------------------

-------------------------------------------------------------------------------
Processing /etc/letsencrypt/renewal/www.celebratorytimes.co.uk.conf
-------------------------------------------------------------------------------

-------------------------------------------------------------------------------
Processing /etc/letsencrypt/renewal/api.assessment.tgmgroup.net.conf
-------------------------------------------------------------------------------

-------------------------------------------------------------------------------
Processing /etc/letsencrypt/renewal/openapi.tgmgroup.net.conf
-------------------------------------------------------------------------------

-------------------------------------------------------------------------------
Processing /etc/letsencrypt/renewal/api.upload.tgmgroup.net-0003.conf
-------------------------------------------------------------------------------

-------------------------------------------------------------------------------
Processing /etc/letsencrypt/renewal/nginx.prod.tgmgroup.net.conf
-------------------------------------------------------------------------------

-------------------------------------------------------------------------------
Processing /etc/letsencrypt/renewal/autismtogether.tgmgroup.net.conf
-------------------------------------------------------------------------------

-------------------------------------------------------------------------------
Processing /etc/letsencrypt/renewal/stage.portal.tgmgroup.net.conf
-------------------------------------------------------------------------------

-------------------------------------------------------------------------------
Processing /etc/letsencrypt/renewal/stage.api.learninglink.tgmgroup.net.conf
-------------------------------------------------------------------------------

-------------------------------------------------------------------------------
Processing /etc/letsencrypt/renewal/homeinstead.tgmgroup.net.conf
-------------------------------------------------------------------------------

-------------------------------------------------------------------------------

The following certs are not due for renewal yet:
  /etc/letsencrypt/live/stage.adsfs.tgmg.cloud/fullchain.pem expires on 2018-10-07 (skipped)
  /etc/letsencrypt/live/stage.api.usermanagement.tgmgroup.net/fullchain.pem expires on 2018-10-07 (skipped)
  /etc/letsencrypt/live/cjbot.carecertificate.co.uk/fullchain.pem expires on 2018-10-07 (skipped)
  /etc/letsencrypt/live/stage.api.assessment.tgmgroup.net/fullchain.pem expires on 2018-10-07 (skipped)
  /etc/letsencrypt/live/portal.tgmgroup.net/fullchain.pem expires on 2018-10-07 (skipped)
  /etc/letsencrypt/live/unitedresponse.carecertificate.co.uk-0001/fullchain.pem expires on 2018-10-07 (skipped)
  /etc/letsencrypt/live/unitedresponse.carecertificate.co.uk/fullchain.pem expires on 2018-10-07 (skipped)
  /etc/letsencrypt/live/thegoodcaregroup.carecertificate.co.uk/fullchain.pem expires on 2018-10-07 (skipped)
  /etc/letsencrypt/live/celebratorytimes.co.uk/fullchain.pem expires on 2018-08-09 (skipped)
  /etc/letsencrypt/live/chatfuel.carecertificate.co.uk/fullchain.pem expires on 2018-10-07 (skipped)
  /etc/letsencrypt/live/api.learninglink.tgmgroup.net/fullchain.pem expires on 2018-10-07 (skipped)
  /etc/letsencrypt/live/api.reporting.tgmgroup.net/fullchain.pem expires on 2018-10-07 (skipped)
  /etc/letsencrypt/live/stage.api.reporting.tgmgroup.net/fullchain.pem expires on 2018-10-07 (skipped)
  /etc/letsencrypt/live/api.observations.tgmgroup.net/fullchain.pem expires on 2018-10-07 (skipped)
  /etc/letsencrypt/live/api.usermanagement.tgmgroup.net/fullchain.pem expires on 2018-10-07 (skipped)
  /etc/letsencrypt/live/stage.api.observations.tgmgroup.net/fullchain.pem expires on 2018-10-07 (skipped)
  /etc/letsencrypt/live/www.celebratorytimes.co.uk/fullchain.pem expires on 2018-10-07 (skipped)
  /etc/letsencrypt/live/api.assessment.tgmgroup.net/fullchain.pem expires on 2018-10-07 (skipped)
  /etc/letsencrypt/live/openapi.tgmgroup.net/fullchain.pem expires on 2018-10-07 (skipped)
  /etc/letsencrypt/live/api.upload.tgmgroup.net-0003/fullchain.pem expires on 2018-10-07 (skipped)
  /etc/letsencrypt/live/nginx.prod.tgmgroup.net/fullchain.pem expires on 2018-10-07 (skipped)
  /etc/letsencrypt/live/autismtogether.tgmgroup.net/fullchain.pem expires on 2018-10-07 (skipped)
  /etc/letsencrypt/live/stage.portal.tgmgroup.net/fullchain.pem expires on 2018-10-07 (skipped)
  /etc/letsencrypt/live/stage.api.learninglink.tgmgroup.net/fullchain.pem expires on 2018-10-07 (skipped)
  /etc/letsencrypt/live/homeinstead.tgmgroup.net/fullchain.pem expires on 2018-10-07 (skipped)
No renewals were attempted.
-------------------------------------------------------------------------------

My web server is (include version): Nginx 1.4.6

The operating system my web server runs on is (include version): Ubuntu 14.04

My hosting provider, if applicable, is:

I can login to a root shell on my machine (yes or no, or I don’t know):Yes

I’m using a control panel to manage my site (no, or provide the name and version of the control panel): No

Indeed that matches the certificate that your server is presenting:

$ openssl s_client -connect portal.tgmgroup.net:443 -servername portal.tgmgroup.net -showcerts 2>/dev/null | openssl x509 -noout -subject -dates
subject=CN = portal.tgmgroup.net
notBefore=Jul  9 19:35:06 2018 GMT
notAfter=Oct  7 19:35:06 2018 GMT

@_az - thankyou for checking - so, this is auto-updating and I don’t need to worry before Sept 7th?

crt.sh is showing 08/08/2018

Yes. Unfortunately crt.sh is suffering from a backlog of ~46 million log entries and can take anywhere from an hour to few days to see new certificates.

certbot certificates and what your own web server says are the most reliable things to look at.

Great - thankyou once again. I will check on the server itself next time.

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.