Let's Encrypt skips renewal after recent successful deployment

We have successfully deployed letsencrypt SSL on our GitLab site running v11.7.10 CE by configuring file gitlab.rb. Now letsencrypt skips renewal saying “action nothing (skipped due to action :nothing)”. I am attaching below the partial screenshot of command call “gitlab-ctl renew-le-certs”, and automatic renewal skips as well. More information available if necessary. I guess, the program find the SSL certificate to be still up-to-date as it is newly deployed a few days ago.

I am wondering when will program actually renew the certificate, how many days before it expires. Thank you for your help.

Screenshot (gitlab-ctl renew-le-certs):

Recipe: letsencrypt::enable

  • directory[/etc/gitlab/ssl] action create (up to date)
  • acme_selfsigned[test.domain.name] action create
    • file[test.domain.name SSL selfsigned key] action create_if_missing (up to date)
    • file[test.domain.name SSL selfsigned crt] action create_if_missing (up to date)
    • file[test.domain.name SSL selfsigned chain] action create_if_missing (skipped due to not_if)
      (up to date)

Recipe: letsencrypt::http_authorization

  • letsencrypt_certificate[test.domain.name] action create
    • acme_certificate[staging] action create
      • file[test.domain.name SSL key] action create_if_missing (up to date)
      • file[test.domain.name SSL key] action nothing (skipped due to action :nothing)
        (up to date)
    • ruby_block[reset private key] action run
      • execute the ruby block reset private key
    • acme_certificate[production] action create
      • file[test.domain.name SSL key] action create_if_missing (up to date)
      • file[test.domain.name SSL key] action nothing (skipped due to action :nothing)
        (up to date)

Hi, this looks like an issue which should be solved with update in the next release (11.1). Please check this link https://gitlab.com/gitlab-org/gitlab-ce/issues/28996 for more info.