I’ve been receiving certificate expiration notice/renewal reminder emails for one of my Let’s Encrypt certs, even though the certificate has been renewed and doesn’t expire until February (cert expiration date has been checked with openssl and browser). Looks like a bug with the Let’s Encrypt reminder system?
This is a common point of confusion that we recently added some more documentation for:
If your certificate is already renewed, we won’t send an expiry notice. We consider a certificate to be renewed if there is a newer certificate with the exact same set of names, regardless of which account created it. If you’ve issued a new certificate that adds or removes a name relative to your old certificate, you will get expiration email about your old certificate. If you check the certificate currently running on your website, and it shows the correct date, no further action is needed.
Typically folks will add additional domain names to a certificate, creating a new certificate from our system’s perspective, not a renewal. When the old (typically unused) certificate with the smaller set of names is due to expire, the warning email about it can be confusing.
If this sounds like your circumstance then the mystery is solved If you aren’t sure the next step for us to help would be for you to provide the domain name(s) you are receiving warnings for so that we can check the certificate issuance history for them.
I did add some additional subdomains, so I guess that’s what happened. Thanks for the quick response.
Great! Happy to help.
This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.