Renew certificate earlier than 30 days prior to expiration

Over time I have created several sites and created certs for them at that time.

Today I tried to renew one early to line it up with others I renewed today and got a message about good for another 30 days, or something like that.

How can I renew it early? I renew via command line, as required, I cannot use Certbot on my hosting service, for reasons I do not recall.

2 Likes

Hi @joea,

Please fill out the fields below so we can help you better. Note: you must provide your domain name to get help. Domain names for issued certificates are all made public in Certificate Transparency logs (e.g. https://crt.sh/?q=example.com), so withholding your domain name here does not increase secrecy, but only makes it harder for us to provide help.

My domain is:

I ran this command:

It produced this output:

My web server is (include version):

The operating system my web server runs on is (include version):

My hosting provider, if applicable, is:

I can login to a root shell on my machine (yes or no, or I don’t know):

I’m using a control panel to manage my site (no, or provide the name and version of the control panel):

The version of my client is (e.g. output of certbot --version or certbot-auto --version if you’re using Certbot):

I realize it is pro forma, but don’t see the need, all I want to do is force a new cert to be generated prior to the default 30 day remaining restriction. Normally, when the certs are ready to expire and the script completes, for a given domain, I cut and paste the contents of the generated files to my sites via the hosts control panel, which then restarts, I presume, the web server for that domain. Works fine. But in this case the cert is not due to expire, so I get the error shown and no new files.

But here is a short answer to your request.

the domain is: joeseppi.com

I have shell access. at the shell I enter:

domain=joeseppi.com
sh getssl joeseppi.com

result is:
joeseppi.com: certificate is valid for more than 30 days (until Aug 21 14:14:31 2019 GMT)

Thanks for any assistance.

Which script/ACME client are you using?

While gathering info for you, I stumbled upon the solution. Simply getssl -f, to ignore expiry check.

Thanks. See below, FWIW.

current code is version 2.10

Most recent version is 2.10
getssl ver. 2.10
Obtain SSL certificates from the letsencrypt.org ACME server

2 Likes

Great! I'm glad to hear you found the solution you need. Thanks for reporting back so the next person using getssl with the same question can jump to the solution :slight_smile:

Take care,

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.