• Please be aware: Kaspersky Anti-Virus has been deprecated
    With the upgrade to Plesk Obsidian 18.0.64, "Kaspersky Anti-Virus for Servers" will be automatically removed from the servers it is installed on. We recommend that you migrate to Sophos Anti-Virus for Servers.
  • The Horde webmail has been deprecated. Its complete removal is scheduled for April 2025. For details and recommended actions, see the Feature and Deprecation Plan.
  • We’re working on enhancing the Monitoring feature in Plesk, and we could really use your expertise! If you’re open to sharing your experiences with server and website monitoring or providing feedback, we’d love to have a one-hour online meeting with you.

Resolved Could not issue/renew Let's Encrypt certificates for <customer>

Epic Voyage

Epic Voyage

New Pleskian
Server operating system version
CentOS 7 (Core)
Plesk version and microupdate number
18.0.60 Update #1
Hi,

I have an older server which has been upgraded to Plesk Obsidian. I am receiving SSL renewal failure emails, like the one attached, which refer to a customer in the subject line, but which have an empty body. There are no domains or subdomains listed.

Is there a way to determine which domain is causing the problem (and maybe fix the email template?) without clicking through each subdomain on the server?
 

Attachments

  • lets-encrypt-renewal-error.png
    lets-encrypt-renewal-error.png
    102.4 KB · Views: 7
You'll probably find some info about the failed certificate(s) renewal in the panel log. Look at Tools & Settings > Log browser > Plesk.

As for the empty body in the notification you can check in Tools & Settings > Notifications if the "SSL It! certificates auto-renewal failure" notification has a body by clicking the edit icon.
Schermafbeelding 2024-06-09 215423.png

The default body is:
Code: 
Could not secure domains of <client_contact_name> (login <client_login>) with <vendor> certificates. Please log in to Plesk and secure the domains listed below manually.
Securing of the following domains has failed:


<failedKeepDomainsSecured>


The following domains have been secured without some of their Subject Alternative Names:


<keepDomainsSecuredWithErrors>


Could not renew <vendor> certificates for <client_contact_name> (login <client_login>). Please log in to Plesk and renew the certificates listed below manually.
Renewal of the following <vendor> certificates has failed:


<notRenewedCertificates>


The following <vendor> certificates have been renewed without some of their Subject Alternative Names:


<partiallyRenewedCertificates>




Legend:
[+] This domain is secure. The domain's SSL/TLS certificate from <vendor> has been issued/renewed.
[-] This domain is not secure. Either the domain's SSL/TLS certificate from <vendor> could not be issued/renewed or the domain name was excluded from the certificate. Renew the certificate manually or request a new one to secure this domain.
 
Those logs are extremely helpful!

And the SSLIt! template was empty. I will mark this as resolved after confirming my next warning email.

Thank you for the thorough solution!
 
I thought I used to be able to edit posts to marked them as [Resolved], but do not see that option now. Both aspects of your solution are working great. Thanks again!
 
That good to read, thank you for letting us know. I've marked to thread as resolved for you.
 
You must log in or register to reply here.

Similar threads

D
Question Renewing Let's encrypt automatically
Replies
3
Views
494
Kaspar
K
R
Issue SSL/TLS cert for mail server not updating (Lets Encrypt)
Replies
2
Views
889
tessa67
T
M
Resolved Lets Encrypt not issuing certs for subdomains
Replies
2
Views
272
mendip_discovery
M
L
Issue ( authorization token is unavailable ) Could not issue/renew Let`s Encrypt certificates
Replies
7
Views
347
Leta
L
S
Question Could not issue/renew Let's Encrypt certificates for mydomain.com
Replies
0
Views
822
sdak
S
Back
Top