cert_status always returns EXPIRED #1047

markymarrow · 2023-08-07T10:10:38Z

running

docker exec acme-companion /app/cert_status

always returns EXPIRED, even for a newly created cert

##### Certificate status #####
/etc/nginx/certs/xxx/fullchain.pem: EXPIRED
Certificate was issued by R3
Certificate was valid until Nov  4 17:25:02 2023 GMT
Subject Name:
- xxx
Certificate is used by the following domain(s):
- xxx
##############################

I believe this may be due to the use of

openssl verify -CAfile <fullchain.pem> <cert.pem>

instead of

openssl verify -untrusted <fullchain.pem> <cert.pem>

as suggested here:
https://community.letsencrypt.org/t/how-to-verify-le-cert-using-openssl/177679

acme-companion image version

Info: running acme-companion version v2.2.8-6-g63176c2

The text was updated successfully, but these errors were encountered:

buchdag · 2023-08-08T15:48:49Z

I'll try to look into this this week, thanks for the heads up.

buchdag self-assigned this Dec 12, 2023

buchdag mentioned this issue Dec 25, 2023

fix: don't display LE certificate as erroneously expired #1081

Merged

buchdag closed this as completed in #1081 Dec 25, 2023

buchdag added the kind/bug label Dec 25, 2023

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

cert_status always returns EXPIRED #1047

cert_status always returns EXPIRED #1047

markymarrow commented Aug 7, 2023

buchdag commented Aug 8, 2023

cert_status always returns EXPIRED #1047

cert_status always returns EXPIRED #1047

Comments

markymarrow commented Aug 7, 2023

acme-companion image version

buchdag commented Aug 8, 2023