Never had a successful 'renew'. Ever

According to the documentation, force-renewal is to be used with the certonly and run options, not renew?

It also has an effect when used with renew but the documentation doesn’t mention that, I think because it’s so unlikely to be appropriate to do this.

So how come it’s appropriate to allow us to manually add the challenges when installing NEW certs, but not when doing a renewal?

Hasn't this already been addressed up-thread? It's because the renewal is designed to be run on a timer, not interactively at the command prompt.

If I’m still misunderstanding things I apologize for the extension of the thread. I’m assuming existing certs could simply be renewed instead of having to be regenerated & replaced. If I’m wrong about that, then yea this whole thread is really gone off the rails and might as well be closed up.

It’s the latter - certificates are immutable. The term “renewal” is a bit of a misnomer, as you’re indeed just getting a new certificate with identical names. Think of it like a driver’s license or passport. When you renew it, you’re given a completely new one, as opposed to scratching out the expiration date and writing a new one.

4 Likes

Well then I deserve all the embarrassment I get from this thread lol.

Plus, for every "renewed" certificate, you need to prove again and again you still own the domain. So the challenge needs to be performed too, again and again.

1 Like

Perhaps I’m being dumb, (not being a techie can actually help sometimes). I don’t understand what’s so complicated! I have Let’s Encrypt running on about 5 of my customers websites and all renew automatically every time. No problem. I think once, with one client the encryption did not renew the first time, but that was because I had a bit of deprecated code in the htaccess file.

Why even use some complicated method that obviously doen’t work. The K.I.S.S. principle needs to be applied here…

I think there were definitely some productive answers so not all is lost :slight_smile:

Given everyone seems to be on the same page now and the original topic has been addressed I'll take your pointer and close the thread.

Thanks all,

2 Likes