Let's Encrypt renews certificate but doesn't use it
Summary
On my repo https://gitlab.com/mikulaspoul/bachelor-thesis I set up Pages months ago with Let's Encrypt certificates, but haven't deployed in ages, so haven't checked recently if it works. When I go now, I get a insecure website warning, that the certificate has expired a month ago already. I received no warning and when I visit the Pages settings in that repo nothing is indicated there's an error.
That itself is an issue, but I then checked list of certificates issued for my domain, and there has been a certificate issued in September, but it's not used... (https://crt.sh/?q=bachelors-thesis.mikulaspoul.cz)
Steps to reproduce
- Set up a project with Pages with a custom domain and enable Let's Encrypt
- Don't deploy for 3 months and one day
- See the website (will have expired certificate)
- Look up the custom domain on https://crt.sh/ (should have a new certificate which isn't used)
Example Project
It happens on https://gitlab.com/mikulaspoul/bachelor-thesis, but not strictly an example project
What is the current bug behavior?
After 3 months the page becomes insecure (serves insecure certificate).
What is the expected correct behavior?
After 3 months the page still serves a secure certificate.
Relevant logs and/or screenshots
Output of checks
This bug happens on GitLab.com
Workaround
Disable auto-ssl for the domain, save the form, enable it and save the form again.