Wrong expiry notification mails warning about the previous expiration date

On February 12th and now again on April 25th I've received mails with subject "Let's Encrypt certificate expiration notice for domain XXX" for each of the domains I use Let's Encrypt certificates for. The mails always mention the previous expiration date. For example, the mail from today says the certificate expires on 2024-05-02, but actually the certificate with that expiration date was renewed on 2nd April, and the current expiration date has been July 1st since then.

I guess my issue is probably similar to Wrong certificate expiration notification mail - #2 by JuergenAuer. About 3-4 months ago, I switched VPS providers for the server running tsdh.org and got new Let's Encrypt certificates.

My domain is: tsdh.org, www.tsdh.org, rotkap.tsdh.org
My web server is (include version): nginx-1.24.0
The operating system my web server runs on is (include version): Arch Linux
My hosting provider, if applicable, is: netcup
I can login to a root shell on my machine (yes or no, or I don't know): yes
I'm using a control panel to manage my site (no, or provide the name and version of the control panel): no
The version of my client is (e.g. output of certbot --version or certbot-auto --version if you're using Certbot): 2.8.0

Multiple certificates issued on 2024-02-02 with expiration date 2024-05-02 have not been renewed based on the exact set of hostnames.

I fail to see how your expiration warning emails are wrong.

Please read the expiration mail documentation linked in the expiration warning email to learn how Let's Encrypt determines whether a certificate counts as being renewed and when LE sends expiration warning emails.

Edit:
I'm genuinely curious to know why you've concluded LE is in the wrong even if you've read the explanation already in the thread you've linked in your post. This Community is filled with people claiming LE is somehow incorrect, where that has never actually been the case. I find it very interesting from a psychological perspective why people lay the error with a company issuing more than 4 million certs daily instead of perhaps thinking the "error" is actually with themselves.

4 Likes
3 Likes
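Added example, not part of the thread and not Let's Encrypt's own code: a sketch of the "exact set of hostnames" rule mentioned above, showing why a newer certificate that covers more names does not count as a renewal of an older one. The certificate inventory, the labels A to D and the 20-day warning window are constructed assumptions.

```python
from datetime import date

# Constructed sample inventory (label, names, issued, expires); not real CT data.
CERTS = [
    ("A", ["tsdh.org", "www.tsdh.org"], date(2024, 2, 2), date(2024, 5, 2)),
    ("B", ["rotkap.tsdh.org"], date(2024, 2, 2), date(2024, 5, 2)),
    ("C", ["tsdh.org", "www.tsdh.org", "rotkap.tsdh.org"],
     date(2024, 2, 2), date(2024, 5, 2)),
    ("D", ["rotkap.tsdh.org", "WWW.tsdh.org", "tsdh.org"],
     date(2024, 4, 2), date(2024, 7, 1)),
]


def name_set(names):
    """Order- and case-insensitive identity of a certificate's hostname set."""
    return frozenset(n.strip().lower().rstrip(".") for n in names)


def unrenewed_expiring(certs, today, warn_days):
    """Labels of certs expiring within warn_days (assumed window) that have no
    newer cert with exactly the same hostname set; a superset does not count."""
    newest = {}
    for _, names, issued, _ in certs:
        key = name_set(names)
        newest[key] = max(issued, newest.get(key, issued))
    flagged = []
    for label, names, issued, expires in certs:
        days_left = (expires - today).days
        if not 0 <= days_left <= warn_days:
            continue  # already expired, or not yet inside the warning window
        if issued == newest[name_set(names)]:
            flagged.append(label)  # nothing newer with the identical name set
    return flagged


if __name__ == "__main__":
    print(unrenewed_expiring(CERTS, date(2024, 4, 25), warn_days=20))
```

In this constructed inventory, C is superseded by D because both carry the identical three names, while A and B stay flagged even though D covers every name they contain.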

I'm sorry, I have phrased my question wrongly. The expiry mails are certainly correct and the error is surely on my side. Nevertheless, I don't know how to fix the problem.

My understanding of the problem is that it seems I have three (?) certificates:

  1. tsdh.org covering tsdh.org + www.tsdh.org + rotkap.tsdh.org
  2. tsdh.org covering tsdh.org + www.tsdh.org
  3. rotkap.tsdh.org covering just that

Certificate 1 is the one actually served by nginx, and it is also the only one listed by "certbot certificates" on the machine, where it is also renewed successfully.

So most probably 2 and 3 are leftovers from the old server before the VPS switch or leftovers from my attempts of getting everything up and running after the server switch.

So the right question would have been: how do I get rid of 2 and 3?

2 Likes

Unless the private keys of the leftover certs are compromised, simply let the leftover certs expire. No need to revoke them. No harm, no foul. 🙂

6 Likes