I receive email notification from the Expiry Bot saying that my certificates for the above domain will soon expire (on 23 Jul 19 09:24 +0000).
However, the certificate for those domains has been recently renewed (on the 23rd of June) and is still valid until the 21st of September.
Can you check what is wrong ? Am I wrong thinking that my certificate is still valid until September, or is there something wrong with the Expiry Bot ?
My web server is (include version):
Apache 2.4.10-10+deb8u14
The operating system my web server runs on is (include version):
Debian 8.11
My hosting provider, if applicable, is:
Self
I can login to a root shell on my machine (yes or no, or I don’t know):
Yes
I’m using a control panel to manage my site (no, or provide the name and version of the control panel):
No.
The version of my client is (e.g. output of certbot --version or certbot-auto --version if you’re using Certbot): certbot 0.36.0
The certificate with two domain names isn't renewed.
That's correct too. The certificate with 6 domain names is renewed. And you use that certificate:
CN=bleys.ambercity.net
23.06.2019
21.09.2019
expires in 68 days bleys.ambercity.net,
ical.ambercity.net, ical2.ambercity.net,
noah.ambercity.net, sasha.ambercity.net,
webmail.ambercity.net - 6 entries
Nothing is wrong. Letsencrypt doesn't know which certificate you use.
Please read
When You Get an Expiration Email
If your certificate is already renewed, we won’t send an expiry notice. We consider a certificate to be renewed if there is a newer certificate with the exact same set of names, regardless of which account created it. If you’ve issued a new certificate that adds or removes a name relative to your old certificate, you will get expiration email about your old certificate. If you check the certificate currently running on your website, and it shows the correct date, no further action is needed.
You have changed the set of domain names. The old set produces the mail.
Thank you very much Juergen, this is clear.
I did not remember changing the set of names for the renewed certificate. I probably did so while migrating to certbot-auto, and completely forgot since then.
Thanks again for your prompt answer.