Cloudron makes it easy to run web apps like WordPress, Nextcloud, GitLab on your server. Find out more or install now.


SOLVED Lets Encrypt renewal time



  • Just wondering if this is an error on my instance renewing or the time before the expiry-date to renew should be longer:

    Hello,

    Your certificate (or certificates) for the names listed below will expire in 16 days (on 04 Oct 20 00:43 +0000). Please make sure to renew your certificate before then, or visitors to your website will encounter errors.

    We recommend renewing certificates automatically when they have a third of their
    total lifetime left. For Let's Encrypt's current 90-day certificates, that means
    renewing 30 days before expiration. See
    https://letsencrypt.org/docs/integration-guide/ for details.

    *.cloudron.domain.com

    For any questions or support, please visit https://community.letsencrypt.org/. Unfortunately, we can't provide support by email.

    For details about when we send these emails, please visit https://letsencrypt.org/docs/expiration-emails/. In particular, note that this reminder email is still sent if you've obtained a slightly different certificate by adding or removing names. If you've replaced this certificate with a newer one that covers more or fewer names than the list above, you may be able to ignore this message.

    Regards,
    The Let's Encrypt Team


  • Staff

    @marcusquinn You probably deleted the domain *.cloudron.domain.com? If so, that's the LE team being over enthusiastic 🙂

    If you are using that domain, then it is to be concerned about. If you visit one of the apps that uses the domain in the browser, you can click the lock button and check the expiry date of your certs. Is it as what the email says?

    What you can do is : Domains -> Renew all certs. Does that renew the certs (check the browser again)? If it did, then we need to look into why the auto renewal didn't do it's thing.



  • Ahh, that would explain. It was when I first setup as a new user and it asked for a domain and I used that. Later realising it is best as a root domain, so I removed the cloudron. part.

    Without looking at that screen again, maybe it wasn't clear it should recommend using the root domain for that input?


  • Staff

    @marcusquinn said in Lets Encrypt renewal time:

    Without looking at that screen again, maybe it wasn't clear it should recommend using the root domain for that input?

    I think many people start out just like you did and then move it to the main domain. We don't put the recommendation as such because I think it can be scary to throw your root domain and API credentials into a product you are just first trying out.