It will be expire?!


#1

Hi!

I am owner of www.southsports.com.br and I used Let’s Encrypt, but I am receiving e-mails with the information that will be expire in 9 days on 08 Mar 18 22:26 +0000. If the Let’s Encrypt is free, why I am receiving this? Thank you.


#2

Let’s Encrypt certificates have a 90 day duration.

They have to be renewed.

How this happens depends on how you initially issued the certificate.


#3

The renewal is also always free of charge. In many hosting environments, it can be fully automated so that you won’t receive these warnings.

The reason that certificates have an expiration date is basically that we need to make sure that all of the information in the certificate is still correct. (There’s much more that could be said about this, but that’s the basic idea.) So, the certificate will have to be re-validated periodically, but to repeat, Let’s Encrypt doesn’t charge users money for this.


#4

Now I got it… Thank you Guys!

@schoen do you know how it works to automate in hostinger? Thank you!


#5

It’s done with a cron job, more info here: https://www.hostinger.com/tutorials/ssl/how-to-install-free-ssl-from-lets-encypt-on-shared-hosting#Step-4-Checking-expiration-date-and-renewing-SSL-certificate

Best of luck!


#6

I have a site that has a Lets Encrypt certificate. I did not initiate the original certificate and I do not know who is getting notices. However, through SSLshopper, I have discovered the certificate expires on tax day 2018. It looks like the certificate was issued in January and expires in April. How do I find out if the SSL will renew automatically? How do I find out who is getting notices?


#7

@HBry, what’s your web hosting arrangement? Who’s the hosting provider, what hosting technologies do you use, and how do you administer the site?


#8

domain is at godaddy, armor is the web host; the ssl is through letsencrypt


#9

What web server do you use? Do you use a control panel? Do you know if someone else actively did something to obtain and install the certificate?


#10

our servers are with armor; they don’t have the SSL cert; to move code to production we ssh into the server on terminal and merge the code; we do not have a control panel that we use; nobody in the company knows who obtained the certificate originally; It is for this reason I’m trying to find someone at letsencrypt who is getting the notices at our company; i’m also trying to find out if it will automatically renew in April. I realize there is a cron job that can be added to the production server to renew the certificate every other month…I just don’t know how to know if that was added to the crontab. Yes this is a mess…but I’m working to clean it up.


#11

If you look it up your domain(s) on https://crt.sh, you may be able to deduce whether the renewals are happening automatically or not by the time interval between certificate renewals.

If the intervals are irregular (not spaced out by 60 days), it’s more likely that the renewals were done by hand.

Based on https://crt.sh/?q=southsports.com.br I would say it was done by hand.


#12

Edit: I said it was working, but I was confused between @viko’s and @HBry’s servers. @viko’s server is working with a renewed certificate, but I don’t know what @HBry’s domain is. It can be confusing to have discussions about two different sites within the same forum thread.

@HBry, I don’t think there is a way to find out who is getting the reminders. Maybe you could ssh into the possibly-related servers and run locate certbot? It would also be good to look at the web server configuration files and see where the certificates that they’re pointed at are located on the system, and what their filenames are.


#13

I looked at the site on https://crt.sh and it shows that the original certificate from letsencrypt was installed in September 2017. It then shows an SSL in November 2017 and then January 2018. So, it is possible the cron job has been added to the crontab on the server that is running the site.
our site is app.greenlight.md
I will work on ssh into the server and running the locate certbot command suggested. I will also look at the confg files as suggested.


#14

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.