Latest lego (2.0.1) fails to renew certs when not using previously optional --days xx option
For example, the following does nothing, no renewal but no errors
lego -a --path="/usr/local/etc/ssl/acme" --email="[email protected]" --domains="example.com" --domains="www.example.com" --http renew
but the next one with the addition of --days works fine
lego -a --path="/usr/local/etc/ssl/acme" --email="[email protected]" --domains="example.com" --domains="www.example.com" --http renew --days 99
Pre 2.0 lego used to force renewal when not using --days
PS: FreeBSD r12 x64, lego 2.0.1 HTTP challenge only
athanp
All 3 comments
When you don't explicitly define --days, now lego use a default value: 15
$ lego renew -h
NAME:
lego renew - Renew a certificate
USAGE:
lego renew [command options] [arguments...]
OPTIONS:
--days value The number of days left on a certificate to renew it. (default: 15)
--reuse-key Used to indicate you want to reuse your current private key for the new certificate.
--no-bundle Do not create a certificate bundle by adding the issuers certificate to the new certificate.
--must-staple Include the OCSP must staple TLS extension in the CSR and generated certificate. Only works if the CSR is generated by lego.
ldez
on 9 Jan 2019
👍2
I didn't notice that --days is now default even when omitted.
It wasn't in lego 1.x.x AFAIK
Thanks for the clarification!
athanp
on 9 Jan 2019
👍1
Could you add this to the 2.0 changelog? It took me a while to understand why lego wasn't printing anything...
matteocontrini
on 10 Jan 2019
👍1
Was this page helpful?
0 / 5 - 0 ratings
Related issues
moomerman
路
4Comments
mhoran
路
4Comments
kop
路
5Comments
datafoo
路
3Comments
richtr
路
5Comments
Most helpful comment
When you don't explicitly define
--days, now lego use a default value:15