←back to thread

LetsEncrypt – Expiration Notification Service Has Ended

(letsencrypt.org)
181 points zdw | 2 comments | 30 Jun 25 04:49 UTC | HN request time: 0.533s | source
Show context
scrapheap ◴[30 Jun 25 10:01 UTC] No.44421396[source]
This makes sense to me. You should never rely on your CA to let you know that a certificate is due to expire soon, you should have your own monitoring in place that actively checks this for you.
replies(2): >>44421753 #>>44421782 #
bo1024 ◴[30 Jun 25 11:03 UTC] No.44421782[source]
As a hobbyist without a lot of time for sysadmin, it would be nice if basic email monitoring was a standard package (apt install letsencrypt-monitors or something).
replies(3): >>44421841 #>>44422380 #>>44423233 #
johnisgood ◴[30 Jun 25 12:21 UTC] No.44422380[source]
Just use certbot. It automatically sets up a scheduled task to renew your SSL/TLS certificates in the background, typically using a systemd timer that runs twice a day. I do not know why people using LetsEncrypt would not set up certbot along with it, that is how I do it. Some nginx config + certbot.
replies(2): >>44422649 #>>44427499 #
1. bo1024 ◴[30 Jun 25 20:29 UTC] No.44427499[source]
I use certbot, but I don't think it will email me if something goes wrong.
replies(1): >>44438418 #
2. johnisgood ◴[01 Jul 25 22:10 UTC] No.44438418[source]
What would go wrong? I have been using LetsEncrypt (with certbot) for a really long time, and it never went wrong. Did it ever happen to you?