Please fill out the fields below so we can help you better. Note: you must provide your domain name to get help. Domain names for issued certificates are all made public in Certificate Transparency logs (e.g. https://crt.sh/?q=example.com), so withholding your domain name here does not increase secrecy, but only makes it harder for us to provide help.
I got a mail from Letsencrpy about expiry of one of my domain (which is actually on http). However when I tried to renew it manually using certbot webroot, it says the domain is not yet expired and want to renew with new certificate or keep as it is. I checked the certbot certificate and found the same domain as having 71 days of expiry. Why I received a mail then saying your domain certificate from lets encrpt will expire in 19 days.
My domain is: An http portal
I ran this command: certbot certificate
It produced this output: Found that the domain is already renewed with expiry of 71 days.
My web server is (include version): Apache
The operating system my web server runs on is (include version): Centos 7
My hosting provider, if applicable, is: Softlayer
I can login to a root shell on my machine (yes or no, or I don’t know):yes
I’m using a control panel to manage my site (no, or provide the name and version of the control panel):No
If your certificate is already renewed, we won’t send an expiry notice.
When is a certificate renewed?
We consider a certificate to be renewed if there is a newer certificate with the exact same set of names, regardless of which account created it.
You may have this:
If you’ve issued a new certificate that adds or removes a name relative to your old certificate, you will get expiration email about your old certificate. If you check the certificate currently running on your website, and it shows the correct date, no further action is needed.
Thanks much for your time and reply. I may not be well versed but here is the issue:
The certbot certificate shows the domain name in list of renew certification but the url shows the following. Please note its not encrypted. Could that be the reason?
How did you get the certificate in the first place? Which installation plugin was used? Or did you manually install the certificate? If the latter is the case, did you directly use the path in /etc/letsencrypt/live/... or did you copy the certificate from that location first to some other location? If you didn't use an installer plugin, did you reload your webserver, so Apache actually uses the new certificate?
Note that “Connection Not Encrypted” just means the browser is connecting over HTTP - it doesn’t tell you anything about whether the certificate is valid or not - you need to attempt to connect over HTTPS to find that out. Maybe it’s working fine and you just need to set up a redirect?
As you explained, Note that “Connection Not Encrypted” just means the browser is connecting over HTTP - it doesn’t tell you anything about whether the certificate is valid or not - you need to attempt to connect over HTTPS to find that out. I will look into this.
