Yesterday I received an email saying my Let’s Encrypt certificate will expire on 10 April 2019. Quoting from the email:
Your certificate (or certificates) for the names listed below will expire in 10 days (on 10 Apr 19 07:19 +0000). Please make sure to renew your certificate before then, or visitors to your website will encounter errors.
We recommend renewing certificates automatically when they have a third of their
total lifetime left. For Let’s Encrypt’s current 90-day certificates, that means
renewing 30 days before expiration. See
https://letsencrypt.org/docs/integration-guide/ for details.
However, when I run “certbot renew” on my server, I get this:
[root@vmserver5 cron.daily]# certbot renew
Saving debug log to /var/log/letsencrypt/letsencrypt.log
Cert not yet due for renewal
The following certs are not due for renewal yet:
/etc/letsencrypt/live/campercaver.net/fullchain.pem expires on 2019-06-18 (skipped)
No renewals were attempted.
Why am I getting a renewal notice if my certificate does not need renewal?? Why is there a difference between expiration dates?
The server is CentOS7 and Apache 2.4.6. Certbot is version 0.31.0. There is a cron job that runs certbot every day.
Thanks - Bill Gee