Questions about Renewing before TLS-ALPN-01 Revocations

For anyone using apache mod_md.

Simply add/change the minimum date. By default I believe its 10% or 30 days. Honestly I can't remember.

MDRenewWindow 21d

For me I simply changed 21 to 60 and restarted the apache service. I got a new certificate within a minute or two automatically.

Your apache installation will possibly be different as I run my server on FreeBSD I added the setting to:


If you have issues with mod_md change your error logging to something higher like debug and look into your log file for issues regarding mod_md.

Loglevel debug

The following is where the log file is placed by default, but you can change this in the apache config file.


Again this is for FreeBSD installs so locations of files and names might be different.

Hopefully someone finds this useful.