- Server operating system version
- Ubuntu 22.04
- Plesk version and microupdate number
- 18.0.57
Hello,
I actually have this issue ever since we changed over to SSLit!, the domains using normal .acme folder verification do correctly renew automatically, all domains that use wildcard certificates and do DNS check do not. I always get this mail:
The messages displayed some months are different than others, e.g. the missing order id one may be had by a different domain in some months. I have no idea why this just doesnt want to work, before SSLit it worked great. Now we have to manually renew them, which works without problems.
I actually have this issue ever since we changed over to SSLit!, the domains using normal .acme folder verification do correctly renew automatically, all domains that use wildcard certificates and do DNS check do not. I always get this mail:
Could not secure domains of xxx (login xxx) with Let`s Encrypt certificates. Please log in to Plesk and secure the domains listed below manually. Securing of the following domains has failed: <none> The following domains have been secured without some of their Subject Alternative Names: <none> Could not renew Let`s Encrypt certificates for [name redacted] (login admin). Please log in to Plesk and renew the certificates listed below manually. Renewal of the following Let`s Encrypt certificates has failed: ** 'Lets Encrypt domain1' [days to expire: 29] ** [-] *.domain1 [-] domain1 Invalid response from https://acme-v02.api.letsencrypt.org/acme/new-order. Details: Type: about:blank Status: 503 Detail: {"type": "urn:ietfarams:acme:error:rateLimited", "detail": "Service busy; retry later."} ** 'Lets Encrypt domain2' [days to expire: 29] ** [-] *.domain2 [-] domain2 Invalid response from https://acme-v02.api.letsencrypt.org/acme/new-order. Details: Type: about:blank Status: 503 Detail: {"type": "urn:ietfarams:acme:error:rateLimited", "detail": "Service busy; retry later."} ** 'Lets Encrypt domain3' [days to expire: 29] ** [-] *.domain3 [-] domain3 Could not obtain a replay nonce: Server error: `HEAD https://acme-v02.api.letsencrypt.org/acme/new-nonce` resulted in a `503 Service Temporarily Unavailable` response ** 'Lets Encrypt domain4' [days to expire: 29] ** [-] *.domain4 [-] domain4 Could not obtain a replay nonce: Server error: `HEAD https://acme-v02.api.letsencrypt.org/acme/new-nonce` resulted in a `503 Service Temporarily Unavailable` response ** 'Lets Encrypt domain5' [days to expire: 29] ** [-] *.domain5 [-] domain5 Could not obtain a replay nonce: Server error: `HEAD https://acme-v02.api.letsencrypt.org/acme/new-nonce` resulted in a `503 Service Temporarily Unavailable` response ** 'Lets Encrypt domain6' [days to expire: 29] ** [-] *.domain6 [-] domain6 Invalid response from https://acme-v02.api.letsencrypt.org/acme/order/130661388/225992954306. Details: Type: urn:ietfarams:acme:error:malformed Status: 404 Detail: No order for ID 225992954306 The following Let`s Encrypt certificates have been renewed without some of their Subject Alternative Names: <none> Legend: [+] This domain is secure. The domain's SSL/TLS certificate from Let`s Encrypt has been issued/renewed. [-] This domain is not secure. Either the domain's SSL/TLS certificate from Let`s Encrypt could not be issued/renewed or the domain name was excluded from the certificate. Renew the certificate manually or request a new one to secure this domain. |
The messages displayed some months are different than others, e.g. the missing order id one may be had by a different domain in some months. I have no idea why this just doesnt want to work, before SSLit it worked great. Now we have to manually renew them, which works without problems.
Last edited by a moderator: