Let's Encrypt Expiry time

Interesting that you have chosen <10 days for auto renewal

Issued certificates last for 90 days, and are automatically renewed when there is under 10 days remaining until expiry.

As today I got the following from Let’s Encrypt Bot


Your certificate (or certificates) for the names listed below will expire in 19 days (on 13 Feb 20 16:44 +0000). Please make sure to renew your certificate before then, or visitors to your website will encounter errors.

We recommend renewing certificates automatically when they have a third of their
total lifetime left. For Let’s Encrypt’s current 90-day certificates, that means
renewing 30 days before expiration. See
Integration Guide - Let's Encrypt for details.

Looks like a typo in the docs, sorry about that.

The default in sympl-ssl is 30 days, as per the LE guides, although in Symbiosis it was 21 days, but as that often went to an unmonitored mailbox, it wasn’t usually noticed when the cert was expiring.

You should probably run sympl-ssl --verbose example.com to make sure the current cert hasn’t expired, and the email is for a cert which wasn’t revoked/renewed on an old account to make sure.

I’ve been getting these emails too, and where I’ve checked the certificate through a browser I’ve found that the certificate has a later expiry date than the one mentioned in the email.
I think this may have to do with moving sites from other hosting to a Sympl-based system in November: some domains may have certificates issued on the old hosting just before the move, which would be due to expire in the next 2-3 weeks, and they also have a newer certificate requested by Sympl, which is is the one actually in use.
I’ll continue to check if I get any more of those messages, but hope there’ll be no more from next month onwards.

I too suspected that. If it is the case I will get another in a couple of days from another domain I moved off Bytemark