Hello, I wondered if anyone could help. I am receiving several emails regarding a “staging environment” certificate expiry. An example is (redacting anything specific). Can anyone shed light on this? The actual certs being referenced in the emails are not about to expire (on an automated renewal script, double checked to be sure etc). Thanks for any insight.
Hello,
[ Note: This message is from the Let's Encrypt staging environment. It likely is not relevant to any live web site. ]
You issued a testing cert (not a live one) from Let's Encrypt staging environment. This mail takes the place of what would normally be a renewal reminder, but instead is demonstrating delivery of renewal notices. Have a nice day!
Details:
DNS Names: [redacted]
[redacted]
[redacted]
Expiration Date: 12 Oct 16 13:29 +0000)
Days to Expiration: 1
For any questions or support, please visit https://community.letsencrypt.org/. Unfortunately, we can't provide support by email.
If you are receiving this email in error, unsubscribe at http://mandrillapp.com/track/unsub.php?[redacted] (HTTP link, we know. We're working on it!)
Regards,
The Let's Encrypt Team
@da-n, you can of course contact @cpu if you want an authoritative answer. I just wanted to suggest that if anyone else helped to get your certificate environment set up, and ran a test with --staging, you would get these reminders even though the test certificate perhaps didn’t get installed or retained anywhere.
Did you ever get an answer to your question? I am receiving the same message. Maybe I did run a test with the “–staging” argument, but I don’t remember at this point. I ran openssl against my current “cert.pem” and it says it is valid:
Validity
Not Before: Oct 5 12:25:00 2016 GMT
Not After : Jan 3 12:25:00 2017 GMT
I would just like to know what I need to do to stop receiving these “[Test Message]” e-mails and still maintain what I think is a valid certificate.
I didn’t receive a domain name from @da-n to investigate further.
@boards188, Can you share the domain names you are receiving a staging expiration email for? I’m not aware of any bug that would produce these messages and suspect it was likely a true --staging issuance that might have been forgotten about.
So, I suspect that I ran the “–staging” argument at the beginning. So, I think the question is, how do I get rid of “acme-staging.api.letsencrypt.org”?
I am somewhat reluctant to publish the host/domain because it is just for my personal use. But, it is boards.dnsalias.net.
Are you using Certbot? I'm not sure what the best method for cleaning up an active staging entry with Certbot is, but perhaps @bmw, @schoen, or another community forum member would know.
If you just want to clean up the files in /etc/letsencrypt after issuing from staging, you should be able to simply delete /etc/letsencrypt/accounts/acme-staging.api.letsencrypt.org. In almost all cases, this should be fine, however, it depends on what you’ve done with Certbot in the past. To verify that this is safe to do, run this command:
sudo grep -r $(sudo ls /etc/letsencrypt/accounts/acme-staging.api.letsencrypt.org/directory) /etc/letsencrypt/renewal/
If it produces no output, deleting /etc/letsencrypt/accounts/acme-staging.api.letsencrypt.org is safe and won’t cause any errors in the future.