I received an email from Let's Encrypt Expiry Bot stating: but when I check the certificate used on the websites, they are issued on 15th December 2021 and so still have about 35 days left. So certbot is not renewing them yet, about 15th Feb should start the renewing. I examined the certificate the website uses in browser address bar, that shows certificate issued 15th December and expires 15th March. Examining the headers in the e-mail it looks to me it really does come from Let's Encrypt, the received from header shows sender that is in SPF record. I can not see any bad links or any other things that would con me to doing something stupid. I do not understand this e-mail. Is the Expiry Bot somehow broken or is the website setup problematic somehow? This particular certificate includes to domains and the www. automatically added ones, so 4 domains altogether. I do not remember having this problem previously and these websites have had LE certificates for several years. The other website redirects to the first, using Code: <meta http-equiv="Refresh" content="0; url='https://... Should I do the redirecting in some other way? But I still do not see where the expiry date on 11th Feb comes from.
I usually check the live certificate for the name they are reporting to make sure renewals are working, and if they are I just ignore the emails. I recently saw one for a domain which had been deleted from the server (I think the certificate was deleted as well). Other times there are changes to the domains included in the certificate made, probably in the "wrong" way, which result in multiple certificates being created, but only one is actually used and renewed, and the email is reporting on one of the others which is no longer used.
That may well be the case. Somehow that domain has two certificates on LE and the other not actually used certificate is about to expire. I'll mark calendar so I remember to check when the actually in use certificate is about to be renewed, interesting things may happen.
