The following certs are not due for renewal yet


#1

Please fill out the fields below so we can help you better. Note: you must provide your domain name to get help. Domain names for issued certificates are all made public in Certificate Transparency logs (e.g. https://crt.sh/?q=example.com), so withholding your domain name here does not increase secrecy, but only makes it harder for us to provide help.

My domain is navaak.com

I ran this command:
/usr/bin/certbot renew --noninteractive --renew-hook

It produced this output:
The following certs are not due for renewal yet:

My web server is (include version):
compiled nginx/1.14.0

The operating system my web server runs on is (include version):
(Ubuntu 18.04)

My hosting provider, if applicable, is:

I can log in to a root shell on my machine (yes or no, or I don’t know): yes

I’m using a control panel to manage my site (no, or provide the name and version of the control panel):no_bell:

I got an email that I should renew before expiration but I can not renew.
What should I do?
should I wait for expiring and then renew the keys ??


#2

Please check if the “When You Get an Expiration Email” section on https://letsencrypt.org/docs/expiration-emails/ is applicable to your situation.


#3

Thank you for reply. I checked it.
So another question is:
What is this line in my renew commands??" /etc/letsencrypt/live/dl-at.navaak.com/fullchain.pem expires on 2019-01-15 (skipped)
"
Do I need to run renew command on exactly 2019-01-15 00am??


#4

It is an overview of your current certificates. It also signifies the certificate expires on 15 january 2019 and therefore is skipped for renewal on that specific renewal run.

No, most users will have a cron job or systemd timer running to run certbot renew twice daily. Depending on your distribution and method of installing certbot, this cron job or systemd timer is already installed.

Furthermore, Let’s Encrypt recommends to renew a certificate 30 days before expiry. certbot will renew a certificate 60 days after the issuing date (and thus 30 days before expiry, as LE certificates are valid for 90 days) by default.

So if you have a cron job or systemd timer running for the certbot renew command, you won’t have to do anything manually (except perhaps reloading your webserver if you didn’t use the apache or nginx installer plugin and if you haven’t made some sort of reloading command/script hooked up to the --deploy-hook option.