It seems people frequently run into the situation where LE says a domain (or several) are expiring in N days, and to renew, but when they look at it, the cert has plenty of time left. The result is invariably that the email is telling them about a different domain that's expiring and didn't get renewed.
I've gotten a few emails lately that were unexpected, since my certs renew automatically pretty reliably. I checked my certs by looking at them in Safari’s cert inspector, and saw that they expire months from now.
But I just got another email (two actually) saying they expire in 0 days:
Hello,
Your certificate (or certificates) for the names listed below will expire in 0 days (on 2024-06-04). Please make sure to renew your certificate before then, or visitors to your web site will encounter errors.
We recommend renewing certificates automatically when they have a third of their total lifetime left. For Let's Encrypt's current 90-day certificates, that means renewing 30 days before expiration. See https://letsencrypt.org/docs/integration-guide/ for details.
latencyzero.com
latencyzero.llc
www.latencyzero.com
www.latencyzero.llc
For details about when we send these emails, please visit: https://letsencrypt.org/docs/expiration-emails/ In particular, note that this reminder email is still sent if you've obtained a slightly different certificate by adding or removing names. If you've replaced this certificate with a newer one that covers more or fewer names than the list above, you may be able to ignore this message.
For any questions or support, please visit: https://community.letsencrypt.org/ Unfortunately, we can't provide support by email.
To learn more about the latest technical and organizational updates from Let's Encrypt, sign up for our newsletter: https://letsencrypt.org/opt-in/
If you are receiving this email in error, unsubscribe at:
<redacted>
Please note that this would also unsubscribe you from other Let's Encrypt service notices, including expiration reminders for any other certificates.
Regards,
The Let's Encrypt Team
I checked all the certs using some online SSL checker. They all expire in 60 days. So what, precisely, should I be looking for?