Please fill out the fields below so we can help you better. Note: you must provide your domain name to get help. Domain names for issued certificates are all made public in Certificate Transparency logs (e.g. https://crt.sh/?q=example.com), so withholding your domain name here does not increase secrecy, but only makes it harder for us to provide help.
It produced this output: No scheduled renewals found
My web server is (include version):Internet Information Services (Version 8.5.9600.16384)
The operating system my web server runs on is (include version): Windows Server 2012 R2
My hosting provider, if applicable, is:
I can login to a root shell on my machine (yes or no, or I don’t know): yes
I’m using a control panel to manage my site (no, or provide the name and version of the control panel): yes
We have two SSL sites running on the same server, agisign.com and agi.net. We received an email notification that agi.net is going to expire in 20 days. Running the above command line argument states there are no certificates to renew. Also note the --forcerenewal command arg is not recognized.
Wanted to add this is a production environment and I am a little desperate to get it resolved. I can probably create a new cert, but it is my understanding that there’s a limit to the number of certs for each domain. Any help would be greatly appreciated.
https://c2c.agi.net/ is using Cloudflare. The browser-to-Cloudflare connection uses Cloudflare’s Comodo certificate, but the Cloudflare-to-origin connection could be using the Let’s Encrypt certificate. A third party can’t confirm that, though.
certbot renew renews any certs it's aware of (which would typically be those in /etc/letsencrypt/archive/) that have less than the specified period of validity (usually 30 days) remaining. It doesn't know or care how or where those certs are used.
Maybe the problem has something to do with multiple sites/certs on one server? We only have this problem with renewals on the two servers (development and production) that have two sites and certificates. We have another server gmdi.agisign.com that has a certificate from Lets Encrypt that has been renewed successfully multiple times.
Is there a way to force a renewal for a specific certificate?
Recreating a new cert whenever the existing one expires will also require rebinding the cert in IIS. Difficult to automate. Also, isn’t there a limit as to how many new certificates that can be created for the same site?