We have successfully deployed letsencrypt SSL on our GitLab site running v11.7.10 CE by configuring file gitlab.rb. Now letsencrypt skips renewal saying “action nothing (skipped due to action :nothing)”. I am attaching below the partial screenshot of command call “gitlab-ctl renew-le-certs”, and automatic renewal skips as well. More information available if necessary. I guess, the program find the SSL certificate to be still up-to-date as it is newly deployed a few days ago.

I am wondering when will program actually renew the certificate, how many days before it expires. Thank you for your help.

Screenshot (gitlab-ctl renew-le-certs):

Recipe: letsencrypt::enable

• directory[/etc/gitlab/ssl] action create (up to date)
• acme_selfsigned[test.domain.name] action create
  • file[test.domain.name SSL selfsigned key] action create_if_missing (up to date)
  • file[test.domain.name SSL selfsigned crt] action create_if_missing (up to date)
  • file[test.domain.name SSL selfsigned chain] action create_if_missing (skipped due to not_if)
    (up to date)

Recipe: letsencrypt::http_authorization

• letsencrypt_certificate[test.domain.name] action create
  • acme_certificate[staging] action create
    • file[test.domain.name SSL key] action create_if_missing (up to date)
    • file[test.domain.name SSL key] action nothing (skipped due to action :nothing)
      (up to date)
  • ruby_block[reset private key] action run
    • execute the ruby block reset private key
  • acme_certificate[production] action create
    • file[test.domain.name SSL key] action create_if_missing (up to date)
    • file[test.domain.name SSL key] action nothing (skipped due to action :nothing)
      (up to date)

Hi, this looks like an issue which should be solved with update in the next release (11.1). Please check this link https://gitlab.com/gitlab-org/gitlab-ce/issues/28996 for more info.