Renew Lets Encrypt SSL *before* 30 days
-
- https://docs.cloudron.io/certificates/#automatic-renewal
- https://mxtoolbox.com/problem/https/HTTPS-Certificate-Expiration
Perhaps 45 days is safer for email deliverability continuity please?
-
@marcusquinn Mmm, not sure what the mxtoolbox link says but what Cloudron does is aligned with https://letsencrypt.org/docs/integration-guide/#when-to-renew . The LE code is almost 3 years old now but when we initially wrote it, you couldn't even renew the cert earlier than 30 days. Not sure how things are now.
-
@girish Odd, I seem to have a couple that are expiring 12th Jan.
-
Yes, I've clicked to Renew All
-
@marcusquinn If you click on renew all and then click the logs button, it should tell you whether it's trying to renew (or not). But yeah, I am not sure why it hasn't tried to renew this one yet.
-
@girish Just thinking, maybe because we have so many domains it's rate-limits. You had anyone hit that before?
-
@marcusquinn It's definitely possible to hit some rate limit. Rate limits are hit mostly per domain though and the per account limits are quite high - https://letsencrypt.org/docs/rate-limits/ . So having a lot of domains, even 1000s is not a problem.
-
@girish OK, cool, will give it a few days and maybe it'll solve itself
-
@marcusquinn is it a wildcard domain that is (nearly) expiring?
I occasionally get warnings about my certificates being about to expire (e.g. in 20 days), but only on the one domain I've still got on a wildcard instead of using Gandi API key.
So far I think it's always auto renewed in time...but still ever so slightly concerning to get those emails.
-
@jdaviescoates nope, just regular domains, not sure why but will just wait and see I guess
