but now, i'm getting old expirybot notification emails. i want to update the bot to 1: know the actual new expiry time and 2: know the actual new domains (it is sending reminders for the OLD date / domain)
i know i can unsubscribe then manually resubscribe with a NEW email address, but who wants to do that? i need it to continue using my actual email address.
the thing is, not the name that changed, but the DATE of expiry has changed. It is supposed to be sent out 30 days prior to expiry, but now that is thrown off.
After updating my cert to cover 3 names instead of 1, the new expiry date is 2021-04-23. So i should have gotten the expiry notification on 2021-03-23, but i got it on 2021-02-11, which is 30 days before my ORIGINAL cert expires.
There are no instructions (that i could find) on how to reset the expiry notification emails to have the CORRECT DATES, while using the same email address.
Yes. Your older certificates aren't invalid because you don't use these. Letsencrypt can't know which certificate you want to use. May be three days later you roll back your configuration.
So a mail is always sent.
2021-02-11 is the correct date. If you don't like that mail, ignore it. That's all.
You're talking about the cert that i don't use any more, i'm not. I'm talking about the cert that i DO use.
stdout of the command line says this:
The following certs are not due for renewal yet:
/etc/letsencrypt/live/karaoke.kjams.com/fullchain.pem expires on 2021-04-23 (skipped)
No renewals were attempted.
I believe this is a reasonable and valid question. I get the sense that you don't? If the answer is "currently it's not possible to do what you're asking for", then that's the answer, so can we avoid debating the legitimacy of my request and just answer the question?
You need to understand that a new certificate never actually replaces the old certificate.
It's just another issued cert in the long list of certs that have been issued.
Some inactive...
Some still active...
Some about to expire...
Some freshly issued...
If there is no newer cert with the exact same set of names on it, then the expiry bot will notify you of that - you have a cert that technically hasn't been renewed that will soon be expiring.
But you also have another one that has more (or less) names on it.
The bot is just doing its' job to the best of its' abilities.
Even a human would do the exact same thing.