SSL certificate expire date

Hello ;
I receive a warning email from letsencrypt that my certificates will expire. (on 16 Oct 19 11:21 +0000) But I check with “certbot-auto certificate” command and some web site ( like https://www.whynopadlock.com ) my certificates expire date like ( Expiry Date: 2019-12-10 12:23:13+00:00 (VALID: 64 days) ) I want to renew with “certbot-auto renew” command I get the following information ;
(The following certs are not due for renewal yet:
/etc/letsencrypt/live/webhost.sakarya.edu.tr/fullchain.pem expires on 2019-12-10 (skipped)
No renewals were attempted.)
must I do something about my certificate expire date before on 16 Oct 19 ?
Thanks.

My domain is: webhost.sakarya.edu.tr

I ran this command: certbot-auto renew

It produced this output: (The following certs are not due for renewal yet:
/etc/letsencrypt/live/webhost.sakarya.edu.tr/fullchain.pem expires on 2019-12-10 (skipped)
No renewals were attempted.)

My web server is (include version): apache

The operating system my web server runs on is (include version): centos 6.8

From https://letsencrypt.org/docs/expiration-emails/#when-you-get-an-expiration-email :

If your certificate is already renewed, we won’t send an expiry notice. We consider a certificate to be renewed if there is a newer certificate with the exact same set of names, regardless of which account created it. If you’ve issued a new certificate that adds or removes a name relative to your old certificate, you will get expiration email about your old certificate. If you check the certificate currently running on your website, and it shows the correct date, no further action is needed.

You added and removed a number of domains on your most recent certificate, which causes Let’s Encrypt’s expiry reminder system to count them separately.

You can safely ignore the reminder email if you are no longer using the older certificate.

Hi @kaslan

checking your domain there are 5 certificates:

1 - 2019-07-11 - 47 domain names
2 - 2019-07-18 - 49 domain names
3 - 2019-08-07 - 51 domain names
4 - 2019-09-11 - 53 domain names
5 - 2019-09-11 - 55 domain names

So you have changed the set of domain names -> so you don't need the older certificate.

I add first certificate with "./certbot-auto –apache -d webhost.sakarya.edu.tr " commad and I want to add new domain I use " ./certbot-auto --expand -d webhost.sakarya.edu.tr -d example1.sakarya.edu.tr -d example2.sakarya.edu.tr " command . is there any mistake in this usage for letsencrypt ?

Your command is correct.

The issue with the expiry emails is that they are too "dumb" to understand that you added new domains to your certificate.

You can disregard the email in this case, as you are using a newer certificate.

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.