Keep getting notified about expiring certs

Help
1

Please fill out the fields below so we can help you better. Note: you must provide your domain name to get help. Domain names for issued certificates are all made public in Certificate Transparency logs (e.g. crt.sh | example.com), so withholding your domain name here does not increase secrecy, but only makes it harder for us to provide help.

My domain is: nextupband.com and mrejthedj.com

I ran this command: Not sure what I need to do

It produced this output: None

My web server is (include version): Apache

The operating system my web server runs on is (include version): Turnkey Linux (VM)

My hosting provider, if applicable, is: Self-hosted

I can login to a root shell on my machine (yes or no, or I don't know): yes

I'm using a control panel to manage my site (no, or provide the name and version of the control panel): No

The version of my client is (e.g. output of certbot --version or certbot-auto --version if you're using Certbot): 2.0.1-4

2

Yes, you received a number of certs with different lists of domain names recently. The emails should list the domain name(s) on the cert that it is warning about.

As the email notes, each different set of names on a cert is considered unique for this purpose.

There are two emails per such unique cert. The second and last is 7 days before expiry. So, you won't receive many more. As also noted here: Expiration Emails - Let's Encrypt

Further, Let's Encrypt is dropping support for these emails altogether. Please see this announcement: Ending Support for Expiration Notification Emails - Let's Encrypt

View the list of the domain names in each cert using a tool like https://crt.sh. Click the crt ID on its list and look for the Subject Alternative Names section. These are the names you requested for that cert. Below is just the common name you need to view it yourself to get the SANs list.

image
image2256×411 110 KB

4 Likes