Please fill out the fields below so we can help you better. Note: you must provide your domain name to get help. Domain names for issued certificates are all made public in Certificate Transparency logs (e.g. crt.sh | example.com), so withholding your domain name here does not increase secrecy, but only makes it harder for us to provide help.
The following certificates are not due for renewal yet:
/etc/letsencrypt/live/www.denisewongmusictherapy.co.uk/fullchain.pem expires on 2022-01-10 (skipped)
No renewals were attempted.
My web server is (include version):
Nginx
The operating system my web server runs on is (include version):
Ubuntu 20.04.3 LTS
My hosting provider, if applicable, is:
I can login to a root shell on my machine (yes or no, or I don't know):
Yes
I'm using a control panel to manage my site (no, or provide the name and version of the control panel):
No
The version of my client is (e.g. output of certbot --version or certbot-auto --version if you're using Certbot):
1.21.0
Hi @ZathrasXI and welcome to the LE community forum
You should probably reread the email more closely.
It is likely that there exists more than one currently valid cert for your domain(s).
One of them may be expiring soon and is why you received the email notice.
Checking the site, one can see that it serves a cert that expires in January.
Your certificate (or certificates) for the names listed below will expire in 0 days (on 11 Nov 21 16:01 +0000). Please make sure to renew your certificate before then, or visitors to your web site will encounter errors.
We recommend renewing certificates automatically when they have a third of their total lifetime left. For Let's Encrypt's current 90-day certificates, that means renewing 30 days before expiration. See Integration Guide - Let's Encrypt for details.
For details about when we send these emails, please visit: Expiration Emails - Let's Encrypt In particular, note that this reminder email is still sent if you've obtained a slightly different certificate by adding or removing names. If you've replaced this certificate with a newer one that covers more or fewer names than the list above, you may be able to ignore this message.
The email is referring to a certificate (that can be used on a website).
It clearly states how when a certificate is renewed and it does NOT include the exact same set of names it is NOT considered a renewal but a new certificate.
Note: There is no way for any CA to know exactly where/how a certificate is being used.
Again, please reread the email more closely.
And as shown by link below, there were three certs issued on 2021-08-13: crt.sh | www.denisewongmusictherapy.co.uk
Of which, the first two don't match the third.
Which means there where two different certs issued that day.
One may have been renewed or have been a renewal of the other from the same day.
But they are not all the same and one of them is expiring.
The notice is accurate.
The first is a renewal of the second.
The third is a renewal of the fourth - but it hasn't been renewed and it expires today.
This, as the email states, is likely not of real concern to you since you are likely only using the first cert.
Read the last sentence from your own post.
Thank you for your patience and for explaining that to me. This is the first website I've ever made and I remember being tired, confused and making silly mistakes when setting up certbot.
Thanks again for clarifying that.
I will look into removing certificates #2,#3 and #4 as they are not needed.
