@@ -173,3 +173,16 @@ to get a list of existing certs an then use the hostname in the 1st column to sh
In **log/certmanager.log** you find a logging about time of changes for a certificate: when it was added, renewed, deleted. A skipped renew execution (even if it was triggered internally by "ensure") won't be logged.
Additionally there is a --trace option (must be the 1st param) - an execution output will be put to logfile that contains domain and timestamp.
## List old certificates
If you have many ssl certificates - during the time there are outdated domains and unneeded certificate files.
The parameter `list-old` shows old certificates in 2 blocks:
* Certificates with age 65 ... 90 days<br>Remark: the Certificates are valid for 90 days. The will be renewed 4 weeks before expiration. This list shows certificates that are still valid but should bew renewed soon.
* Certificates older 90 days<br>Remark: expired certificates. Use `[APPPATH]/cm.sh delete <Domain>` to delete the files.