• Our team is looking to connect with folks who use email services provided by Plesk, or a premium service. If you'd like to be part of the discovery process and share your experiences, we invite you to complete this short screening survey. If your responses match the persona we are looking for, you'll receive a link to schedule a call at your convenience. We look forward to hearing from you!
  • The BIND DNS server has already been deprecated and removed from Plesk for Windows.
    If a Plesk for Windows server is still using BIND, the upgrade to Plesk Obsidian 18.0.70 will be unavailable until the administrator switches the DNS server to Microsoft DNS. We strongly recommend transitioning to Microsoft DNS within the next 6 weeks, before the Plesk 18.0.70 release.
  • The Horde component is removed from Plesk Installer. We recommend switching to another webmail software supported in Plesk.

Question Let's Encrypt revoking 2.6% of LE certs on March 4 2020

B

Bobbbb

Regular Pleskian
Hello,

Let's Encrypt plans to revoke 3,048,289 certificates on March 4 due to a CAA rechecking bug (see links below).

My question is... Using the Plesk Let's Encrypt extension, via GUI or command line, is there a way to force renew all LE certificates, managed by the Plesk Let's Encrypt extension, which would make sure that the LE cert revocation would not affect any Plesk managed domains on March 4?

community.letsencrypt.org

Revoking certain certificates on March 4

[Update 2020-03-05: The most up-to-date summary is at 2020.02.29 CAA Rechecking Bug] Due to the 2020.02.29 CAA Rechecking Bug, we unfortunately need to revoke many Let’s Encrypt TLS/SSL certificates. We’re e-mailing affected subscribers for whom we have contact information. This post and...
community.letsencrypt.org community.letsencrypt.org

https://twitter.com/x/status/1234930970719117312

community.letsencrypt.org

2020.02.29 CAA Rechecking Bug

On 2020-02-29 UTC, Let’s Encrypt found a bug in our CAA code. Our CA software, Boulder, checks for CAA records at the same time it validates a subscriber’s control of a domain name. Most subscribers issue a certificate immediately after domain control validation, but we consider a validation...
community.letsencrypt.org community.letsencrypt.org

Best Regards,
Bob
 
Monty said:
Please see the discussions here:

Let's Encrypt extension

Hi, I've got a question concerning the setting "send-notifications-interval" in panel.ini. The documentation (https://docs.plesk.com/en-US/onyx/administrator-guide/plesk-administration/managing-let’s-encrypt-settings.78586/) says the default value is "1 day", however it's not very clear on the...
talk.plesk.com talk.plesk.com
Click to expand...

Thank you. For others that find this thread, first... Your link includes a helpful script to check for affected certificates. I also found this post indicating a KB and a (maybe) potential Let's Encrypt extension update may address this, soon...

Let's Encrypt extension

Hi, I've got a question concerning the setting "send-notifications-interval" in panel.ini. The documentation (https://docs.plesk.com/en-US/onyx/administrator-guide/plesk-administration/managing-let’s-encrypt-settings.78586/) says the default value is "1 day", however it's not very clear on the...
talk.plesk.com talk.plesk.com
 
You must log in or register to reply here.

Similar threads

M
Issue Let's Encrypt Bulk Domain Renewal
Replies
4
Views
605
MacGyver
M
R
Issue Let's Encrypt Error 400 on every domain
Replies
1
Views
790
Sebahat.hadzhi
Sebahat.hadzhi
Bitpalast
Resolved SSL create and renew errors on random domains / possibly a Let's Encrypt issue, but maybe only in combination with Plesk
Replies
11
Views
2K
Change Maker
C
R
Issue SSL/TLS cert for mail server not updating (Lets Encrypt)
Replies
2
Views
2K
tessa67
T
P
Forwarded to devs SSL It! - inconsistent Let’s Encrypt branding
Replies
2
Views
2K
AYamshanov
AYamshanov
Back
Top