From cb705b468601f77664a24b6a2ba9a07c3d2c879a Mon Sep 17 00:00:00 2001
From: "Hahn Axel (hahn)" <axel.hahn@unibe.ch>
Date: Thu, 9 Jan 2025 16:10:52 +0100
Subject: [PATCH] update docs

---
 docs/30_Usage.md | 13 +++++++++++++
 1 file changed, 13 insertions(+)

diff --git a/docs/30_Usage.md b/docs/30_Usage.md
index f10d389..7d37cb2 100644
--- a/docs/30_Usage.md
+++ b/docs/30_Usage.md
@@ -173,3 +173,16 @@ to get a list of existing certs an then use the hostname in the 1st column to sh
 In **log/certmanager.log** you find a logging about time of changes for a certificate: when it was added, renewed, deleted. A skipped renew execution (even if it was triggered internally by "ensure") won't be logged.
 
 Additionally there is a --trace option (must be the 1st param) - an execution output will be put to logfile that contains domain and timestamp.
+
+## List old certificates
+
+If you have many ssl certificates - during the time there are outdated domains and unneeded certificate files.
+The parameter `list-old` shows old certificates in 2 blocks:
+
+* Certificates with age 65 ... 90 days<br>Remark: the Certificates are valid for 90 days. The will be renewed 4 weeks before expiration. This list shows certificates that are still valid but should bew renewed soon.
+* Certificates older 90 days<br>Remark: expired certificates. Use `[APPPATH]/cm.sh delete <Domain>` to delete the files.
+
+Exitcodes:
+0 - all certs are up to date.
+1 - certificates to renew were found
+2 - outdatedt certificates were found
-- 
GitLab