Resolved Let's Encrypt is partially out of control

[H9k]

A couple of weeks ago we enabled the "Keep websites secured with free SSL Certificate" feature on all of our service plans.
It worked fine for the most part, however there are some subscriptions where with one of the following situations:

• Domain not resolvable, but www.domain resolvable
• Domain resolvable, but www.domain not resolvable
• Website hosted elsewhere, like WiX
• Email service disabled and thus no webmail

Customers of such websites are getting daily emails with error messages telling them that Let's Encrypt failed to secure their subscription.
This also continues even if I customize their subscription and set the Let's Encrypt option to "None" in the "Additional Services" tab.

If I enable mail notification from the Let's Encrypt scheduled task, I get an email every hour about some failures, but there are many more that I don't get in the mail but customers do.
This is starting to annoy customers and I don't know how to stop this.

I tried to see if there is some sign in the database from the Let's Encrypt extension, but all I could find is in the ModuleSettings table that the e-mail addresses for the subscriptions are stored... but for some reason it only lists 79 whereas I have about 300 subscriptions.

Has anyone experienced similar issues and managed to solve the problem?

 

[virtubox]

A couple of weeks ago we enabled the "Keep websites secured with free SSL Certificate" feature on all of our service plans.
It worked fine for the most part, however there are some subscriptions where with one of the following situations:

• Domain not resolvable, but www.domain resolvable
• Domain resolvable, but www.domain not resolvable
• Website hosted elsewhere, like WiX
• Email service disabled and thus no webmail

Customers of such websites are getting daily emails with error messages telling them that Let's Encrypt failed to secure their subscription.
This also continues even if I customize their subscription and set the Let's Encrypt option to "None" in the "Additional Services" tab.

If I enable mail notification from the Let's Encrypt scheduled task, I get an email every hour about some failures, but there are many more that I don't get in the mail but customers do.
This is starting to annoy customers and I don't know how to stop this.

I tried to see if there is some sign in the database from the Let's Encrypt extension, but all I could find is in the ModuleSettings table that the e-mail addresses for the subscriptions are stored... but for some reason it only lists 79 whereas I have about 300 subscriptions.

Has anyone experienced similar issues and managed to solve the problem?

Hello,

Notifications about letsencrypt renewal or fails are sent by Plesk, you can disable them in Tools & Settings > Notifications .
Have you enable letsencrypt with www support even on subdomains ?

 

[H9k]

Oh, thanks for pointing it out, that will be a relief for the affected customers
I have now set the notifications to be sent to me instead, so I can have an overview about what is failing.

Basically what I have done was to enable that option in the service plans, then I used the Security Advisor to actually secure the subscriptions that did not have a certificate yet. I did not explicitly specify to secure www or not, or to secure webmail or not. Actually, I found out that the security advisor did not secure neither www nor webmail, I had to manually go through the subscriptions and change that one by one. Of course, in the Plesk UI the webmail option is greyed out if the mail service is disabled, but for some reason it still tries to secure the webmail in the background, for example.
Also some websites that are hosted elsewhere, even though I dsabled the "keep websites secured" option in their subscription, Let's Encrypt extension is still attempting to secure that website and I find no way to stop this.