Received Let's Encrypt certificate expiration notice, but certbot crontab is programmed to autorenew

Hi Newbie here,
i keep receiving emails every 3 months to inform me that within 30 days my cert is going to expire, although i have crontab autorenew running , i run the command

sudo crontab -u bitnami -l

to get

...... bncert-autorenew

but i had to manually install it just today , just in case it failed to autorenew,
my question is , is the cert installed correctly to autorenew?
should i ignore the email?

My domain is: shardyinteriors.co.uk

I ran this command: Sudo /opt/bitnami/bncert-tool

It produced this output: succeeded

My web server is (include version): apache/bitnami

The operating system my web server runs on is (include version): linux

I can login to a root shell on my machine (yes or no, or I don't know): yes

2 Likes

I don't understand this sentence. The way the cert is installed has no influence on auto-renew. That job is up to the ACME client used.

I don't have any experience with Bitnami nor the bncert tool. Perhaps it'll renew later? Also, I don't remember Let's Encrypt sending expiry notifications already at 30 days prior to the expiry. Who is the sender of the e-mail?

2 Likes

You removed so much of the output that it doesn't provide enough to know where the problem is (or isn't).

2 Likes

Your website doesn't connect for me (I'm in Australia) so you may be filtering IPs on geographic region. Note that this can interfere with the http validation process that Let's Encrypt uses. Or your website just isn't working.

You can receive expiry notification emails if you previously requested shardyinteriors.co.uk but then changed it to be a cert that includes www.shardyinteriors.co.uk and shardyinteriors.co.uk (for example). Let's Encrypt sees this as two different certificates so the old one is considered to be expiring even though you don't use it anymore.

3 Likes

I was just about to ask a similar question, but I think you've answered it for me. next question is, how do I discontinue expiry notices for the old certificate? is it enough to just ignore them?

1 Like

Yes. If you unsubscribe, this will apply to all Let's Encrypt reminder e-mails, including those for other certificates. (In that case, you should consider setting up your own certificate monitoring—there are lots of services and tools to help with this.)

If you just ignore any notices for no-longer-used certificates, you'll eventually stop getting them.

1 Like

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.