Renewed domains do not look renewed and receive Lets Encrypt emails

Please fill out the fields below so we can help you better. Note: you must provide your domain name to get help. Domain names for issued certificates are all made public in Certificate Transparency logs (e.g., so withholding your domain name here does not increase secrecy, but only makes it harder for us to provide help.

My domain is:

I ran this command:
certbot-auto certificates

It produced this output:
Found the following certs:
Certificate Name:
Expiry Date: 2020-03-16 16:32:31+00:00 (VALID: 89 days)
Certificate Path: /etc/letsencrypt/live/
Private Key Path: /etc/letsencrypt/live/

My web server is (include version):
Apache 2.2.15

The operating system my web server runs on is (include version):
CentOS 6.10

My hosting provider, if applicable, is:

I can login to a root shell on my machine (yes or no, or I don’t know):

I’m using a control panel to manage my site (no, or provide the name and version of the control panel):

The version of my client is (e.g. output of certbot --version or certbot-auto --version if you’re using Certbot):

As shown above, the certificate does not expire until 2020-03-16 according to “certbot-auto certificates” and yet I get an email telling me that it renews soon.
When I go to to check the domain it shows 2 certificates (no idea why there are 2) and they both are shown to expire in early January 2020 instead of March 2020. ID 1988178444
Not Before: Oct 10 16:13:20 2019 GMT
Not After : Jan 8 16:13:20 2020 GMT
Subject: commonName = ID 1980747422
Not Before: Oct 10 16:13:20 2019 GMT
Not After : Jan 8 16:13:20 2020 GMT
Subject: commonName =

I have looked at the other posts with similar issues regarding receipt of renewal emails and I do not believe those apply to me. Why does not show the same expiry date in March of next year and why do I get these emails. The same reason, whatever that is, I suppose.

1 Like is not working right now due to a database issue. Browsing to your website it has a correct expiry date of March 16, 2020. Try using google certificate transparency

Emails can sometimes be misleading, if you add or remove subdomains it will still trigger an email. Because it looks for an exact match certificate, if you change anything on it it will see it as a new one and still send an email about the old one.


Thanks, I can see the list and am surprised to see the duplication but I have no idea how to remove the ones that are still showing to be expiring in January.

Also, the first time I installed the certificate for one of my websites and it asked me which websites to create it for, I was under the mistaken assumption that it would allow me to create several certificates at once. It was suggested I delete the other ones by omitting the -d option for the other domains but clearly it did not remove them from the certificate.

If I look at the results for it still shows the and a site called even though I removed those domains from the certificate, at least I thought I did.

The certificates listed on and should therefore both be removed altogether. How can I get rid of those? That may be where the certificates expiring in January come from and is not having them removed going to cause a problem on January 8th?

1 Like

Certificates cannot be removed from certificate transparency, ever. It is simply a log of all certs you have issued. If you don’t use the nearly expiring certificates on your server, and browsing to your website shows a proper expiration date there isn’t any further action you need to take.

1 Like

That’s a relief. When I look at the certificates in the browser they all show an expiry date in March so I should be good then. Will keep my fingers crossed nevertheless.
Thanks for the help


This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.