Unnecessary expiry emails

Why do I keep getting the following email?
I run “certbot renew” twice a day for both domains.
You need to correctly setup when do you allow early recertification vs when do you send out emails.

I automated away the recertification, don’t expect manual labor from the user.
I do appreciate last chance emails only if the automation fails.
So either extend the recertification period or reduce the email expiry time.

Your certificate (or certificates) for the names listed below will expire in 20 days (on 04 May 20 19:41 +0000). Please make sure to renew your certificate before then, or visitors to your website will encounter errors.    
fix.smartapps.icu
smartapps.icu

Everything is green here:


sudo certbot renew
Cert not yet due for renewal
No renewals were attempted.
No hooks were run.

1 Like

Hi @mrx23dot

read the complete output - the #ct-logs - part - https://check-your-website.server-daten.de/?q=smartapps.icu#ct-logs

Issuer not before not after Domain names LE-Duplicate next LE
Let’s Encrypt Authority X3 2020-03-22 2020-06-20 dna.smartapps.icu, dnaart.smartapps.icu, fix.smartapps.icu, smartapps.icu - 4 entries
Let’s Encrypt Authority X3 2020-03-08 2020-06-06 dna.smartapps.icu, fix.smartapps.icu, smartapps.icu - 3 entries
Let’s Encrypt Authority X3 2020-02-26 2020-05-26 dna.smartapps.icu, fix.smartapps.icu, smartapps.icu - 3 entries
Let’s Encrypt Authority X3 2020-02-04 2020-05-04 fix.smartapps.icu, smartapps.icu - 2 entries

You use one certificate with 4 domain names.

But you have certificates with 3 and 2 domain names.

Letsencrypt doesn’t know if you use the certificate with two domain names -> that’s the mail.

2 Likes

Thank you that makes sense, I have multiple certificates (new and old) for one domain, and I’m getting emails about the old unused certificate.

It would be nice to have something about this in the email (redundant certs.), or a full list of certs+domains with CertSpotter-Ids.

Maybe an unsubscribing method for one given certificate, not from every email.

Cheers,

The community forum has a ‘Feature Requests’ section. You should see if this has been asked before and make the request if so. That’s the best place for the Let’s Encrypt team to see and respond to requests of this nature.

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.