• If you are still using CentOS 7.9, it's time to convert to Alma 8 with the free centos2alma tool by Plesk or Plesk Migrator. Please let us know your experiences or concerns in this thread:
    CentOS2Alma discussion

Resolved Let's Encrypt tries to renew certificates for deleted domains

F

Fabrizio

New Pleskian
Hi,

after I deleted some domains (and subscriptions) I receive error emails due to failed certificate renewal by Let's Encrypt. Obviously the renewal fails because the domains no longer exist on my server, the question is: why Let's Encrypt continues to try to renew certificates for deleted domains?
I think because, when I delete the subscriptions, Plesk does not remove Let's Encrypt configuration files and keys in
/usr/local/psa/var/modules/letsencrypt/etc/live
Can I safely delete via shell useless folders like /usr/local/psa/var/modules/letsencrypt/etc/live/deleteddomain.com?

Thank you
 
Could you clarify how many such "error emails due to failed certificate renewal by Let's Encrypt" you received?
If only one, then it's like a deferred notification and this is normal. If several notifications are received, then most likely it is a bug and it would be good to investigate it - welcome to the Reports
 
Fabrizio said:
I think because, when I delete the subscriptions, Plesk does not remove Let's Encrypt configuration files and keys in
/usr/local/psa/var/modules/letsencrypt/etc/live
Click to expand...
No, it's not because of this - the update procedure checks certificates in the Plesk database, but not in /usr/local/psa/var/modules/letsencrypt/etc/live
Fabrizio said:
Can I safely delete via shell useless folders like /usr/local/psa/var/modules/letsencrypt/etc/live/deleteddomain.com?
Click to expand...
Yes, you can safely remove it, it will not affect anything.
 
Thank you for you reply,

I received these emails for three days at the same hour: today would be the fourth.

The emails are like this:

<<
Could not secure domains of Fabrizio (login admin) with Let's Encrypt certificates. Please log in to Plesk and secure the domains listed below manually.
Securing of the following domains has failed:

<none>

The following domains have been secured without some of their Subject Alternative Names:

<none>

Could not renew Let's Encrypt certificates for Fabrizio (login admin). Please log in to Plesk and renew the certificates listed below manually.
Renewal of the following Let's Encrypt certificates has failed:
...
>>

If I receive another e-mail today I'll report the bug.

By now, maybe I could modify the Plesk database to delete any directive for deleted domain certificates renewal.
Any suggestions?

Thanks again
 
I have the same problem with both, a deleted domain and one disabled domain. How can I resolve this issue?

E-Mail:

Could not secure domains of admin (login admin) with Let's Encrypt certificates. Please log in to Plesk and secure the domains listed below manually.
Securing of the following domains has failed:

 
all of the deleted domains stay somewhere in a cron for renewing. every day
some have no domain name just customername stated.

dirk
 
i had this problem but slightly different, I received email that LE couldn't renew a certificate that I previously deleted on a domain that I later issue again with LE
 
I can also confirm that the problem still (or again) exists - at least for 1 certificate that was deleted as it is no longer needed. Was this issue reported? I canot find an entry under reports?
 
Hello,

Did you check in:
/usr/local/psa/var/modules/letsencrypt/etc/live
/usr/local/psa/var/modules/letsencrypt/etc/archive

I just had the same problem, and that is where I found two directories, named like the deleted domain.
I moved them in a "neutral" directory.
(/home if you must know, I do not like deleting files, when I am not sure that it will not makes things worse.)

I will now wait and see if I still get a warning mail...
 
Hello!

Same problem here, "could not secure domains for ..." but domains are deleted.
Is there any feedback about this issue?

Thanks!
 
Solution is to run the Plesk Repair Utility.

I ran these and solved the problem:

# plesk repair db
# plesk repair web -server

Your problem could like elsewhere in the config, so if the above doesn't help, you may want to read the Plesk Repair Utilty page.
 
I have exact the same problem.
Unfortunately the tip from milan_ns doesn't work for me.
The deleted domains are still listed inside /usr/local/psa/var/modules/letsencrypt/etc/live and /usr/local/psa/var/modules/letsencrypt/etc/renewal/ dir.
This problem is really annoying, especially since no one in the plesk team seems to care about it for more than a year! :(
 
I can also confirm that the problem still (or again) exists - at least for 1 certificate that was deleted as it is no longer needed. Was this issue reported? I can't find an entry under reports?
 
You must log in or register to reply here.

Similar threads

Azurel
Resolved Mail for "Let`s Encrypt certificates for ***** have been issued/renewed" missing?
Replies
2
Views
260
Azurel
Azurel
S
Question Could not issue/renew Let's Encrypt certificates for mydomain.com
Replies
0
Views
615
sdak
S
F
Question How can I renew the Lets Encrypt certificates on a VPS Server from the Ionos company?
Replies
0
Views
233
fonorola
F
Hangover2
Forwarded to devs SSL It! breaks renewal and usage of Let's Encrypt wildcard certificates when subdomains are involved
2
Replies
28
Views
6K
marcoherzog
M
D
Issue Automatic renewal via SSLit doesn't work for wildcard certificates
Replies
0
Views
488
D3nnis3n
D
Back
Top