Renew notification

James_Quilter · July 18, 2017, 12:00pm

Hi

Basically, I’m getting emails telling me my cert is up for renewal. Yet when I attempt to run the renew command I get the response below, telling me I don’t need to renew.

My domain is: electrocontent.com

I ran this command: certbot-auto renew

It produced this output:

Saving debug log to /var/log/letsencrypt/letsencrypt.log

-------------------------------------------------------------------------------
Processing /etc/letsencrypt/renewal/electrocontent.com.conf
-------------------------------------------------------------------------------
Cert not yet due for renewal

The following certs are not due for renewal yet:
  /etc/letsencrypt/live/electrocontent.com/fullchain.pem (skipped)
No renewals were attempted.

The debug log has this:

2017-07-18 11:49:49,261:DEBUG:certbot.main:certbot version: 0.16.0
2017-07-18 11:49:49,262:DEBUG:certbot.main:Arguments: []
2017-07-18 11:49:49,262:DEBUG:certbot.main:Discovered plugins: PluginsRegistry(PluginEntryPoint#apache,PluginEntryPoint#manua$
2017-07-18 11:49:49,280:DEBUG:certbot.log:Root logging level set at 20
2017-07-18 11:49:49,281:INFO:certbot.log:Saving debug log to /var/log/letsencrypt/letsencrypt.log
2017-07-18 11:49:49,315:DEBUG:certbot.plugins.selection:Requested authenticator <certbot.cli._Default object at 0x7fa9e3f3e15$
2017-07-18 11:49:49,316:DEBUG:certbot.cli:Default Detector is Namespace(account=<certbot.cli._Default object at 0x7fa9e3f8b95$
2017-07-18 11:49:49,325:INFO:certbot.renewal:Cert not yet due for renewal
2017-07-18 11:49:49,325:DEBUG:certbot.renewal:no renewal failures

My web server is (include version): Apache/2.4.18 (Ubuntu)

The operating system my web server runs on is (include version): Ubuntu 16.04

My hosting provider, if applicable, is:

I can login to a root shell on my machine (yes or no, or I don’t know): yes

I’m using a control panel to manage my site (no, or provide the name and version of the control panel): no.

Thanks for taking a look at this.

James

cpu · July 18, 2017, 1:00pm

Hi @James_Quilter,

It looks like the renewal warning is for this certificate, serial 03:ca:db:82:14:30:85:27:e5:3f:0f:43:06:c8:30:ae:e5:9f, covering only the domain electrocontent.com.

I believe the certificate you are using now, and the one that is being renewed regularly covers both electrocontent.com and www.electrocontent.com.

The expiration email documentation helps explain why you are getting an expiration warning for the first single-domain certificate:

If your certificate is already renewed, we won’t send an expiry notice. We consider a certificate to be renewed if there is a newer certificate with the exact same set of names, regardless of which account created it. If you’ve issued a new certificate that adds or removes a name relative to your old certificate, you will get expiration email about your old certificate. If you check the certificate currently running on your website, and it shows the correct date, no further action is needed.

Hope that helps!

James_Quilter · July 18, 2017, 1:14pm

That makes sense to me.

Many thanks for taking the time to help me out.

Cheers

James

system · August 17, 2017, 1:24pm

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.

Topic		Replies	Views
Question about renew certs Help	4	689	June 6, 2018
'certbot -renewal' is not renewing the certificate Help	15	6732	November 16, 2017
How to overcome Certbot none renewal of expired certificate Site Feedback	22	3159	October 4, 2021
Cannot renew one of my letsencrypt certificates Help	12	3079	November 18, 2017
The renew command output said it's not needed to renew, but when I visit demo.seafile.com, the browser told me "the certificate expired..." Help	4	1310	September 1, 2017

Renew notification

Related topics