• Hi, Pleskians! We are running a UX testing of our upcoming product intended for server management and monitoring.
    We would like to invite you to have a call with us and have some fun checking our prototype. The agenda is pretty simple - we bring new design and some scenarios that you need to walk through and succeed. We will be watching and taking insights for further development of the design.
    If you would like to participate, please use this link to book a meeting. We will sent the link to the clickable prototype at the meeting.
  • (Plesk for Windows):
    MySQL Connector/ODBC 3.51, 5.1, and 5.3 are no longer shipped with Plesk because they have reached end of life. MariaDB Connector/ODBC 64-bit 3.2.4 is now used instead.
  • Our UX team believes in the in the power of direct feedback and would like to invite you to participate in interviews, tests, and surveys.
    To stay in the loop and never miss an opportunity to share your thoughts, please subscribe to our UX research program. If you were previously part of the Plesk UX research program, please re-subscribe to continue receiving our invitations.
  • The Horde webmail has been deprecated. Its complete removal is scheduled for April 2025. For details and recommended actions, see the Feature and Deprecation Plan.

Resolved Let's Encrypt tries to renew certificates for deleted domains

F

Fabrizio

New Pleskian
Hi,

after I deleted some domains (and subscriptions) I receive error emails due to failed certificate renewal by Let's Encrypt. Obviously the renewal fails because the domains no longer exist on my server, the question is: why Let's Encrypt continues to try to renew certificates for deleted domains?
I think because, when I delete the subscriptions, Plesk does not remove Let's Encrypt configuration files and keys in
/usr/local/psa/var/modules/letsencrypt/etc/live
Can I safely delete via shell useless folders like /usr/local/psa/var/modules/letsencrypt/etc/live/deleteddomain.com?

Thank you
 
Could you clarify how many such "error emails due to failed certificate renewal by Let's Encrypt" you received?
If only one, then it's like a deferred notification and this is normal. If several notifications are received, then most likely it is a bug and it would be good to investigate it - welcome to the Reports
 
Fabrizio said:
I think because, when I delete the subscriptions, Plesk does not remove Let's Encrypt configuration files and keys in
/usr/local/psa/var/modules/letsencrypt/etc/live
Click to expand...
No, it's not because of this - the update procedure checks certificates in the Plesk database, but not in /usr/local/psa/var/modules/letsencrypt/etc/live
Fabrizio said:
Can I safely delete via shell useless folders like /usr/local/psa/var/modules/letsencrypt/etc/live/deleteddomain.com?
Click to expand...
Yes, you can safely remove it, it will not affect anything.
 
Thank you for you reply,

I received these emails for three days at the same hour: today would be the fourth.

The emails are like this:

<<
Could not secure domains of Fabrizio (login admin) with Let's Encrypt certificates. Please log in to Plesk and secure the domains listed below manually.
Securing of the following domains has failed:

<none>

The following domains have been secured without some of their Subject Alternative Names:

<none>

Could not renew Let's Encrypt certificates for Fabrizio (login admin). Please log in to Plesk and renew the certificates listed below manually.
Renewal of the following Let's Encrypt certificates has failed:
...
>>

If I receive another e-mail today I'll report the bug.

By now, maybe I could modify the Plesk database to delete any directive for deleted domain certificates renewal.
Any suggestions?

Thanks again
 
I have the same problem with both, a deleted domain and one disabled domain. How can I resolve this issue?

E-Mail:

Could not secure domains of admin (login admin) with Let's Encrypt certificates. Please log in to Plesk and secure the domains listed below manually.
Securing of the following domains has failed:

 
all of the deleted domains stay somewhere in a cron for renewing. every day
some have no domain name just customername stated.

dirk
 
i had this problem but slightly different, I received email that LE couldn't renew a certificate that I previously deleted on a domain that I later issue again with LE
 
I can also confirm that the problem still (or again) exists - at least for 1 certificate that was deleted as it is no longer needed. Was this issue reported? I canot find an entry under reports?
 
Hello,

Did you check in:
/usr/local/psa/var/modules/letsencrypt/etc/live
/usr/local/psa/var/modules/letsencrypt/etc/archive

I just had the same problem, and that is where I found two directories, named like the deleted domain.
I moved them in a "neutral" directory.
(/home if you must know, I do not like deleting files, when I am not sure that it will not makes things worse.)

I will now wait and see if I still get a warning mail...
 
Hello!

Same problem here, "could not secure domains for ..." but domains are deleted.
Is there any feedback about this issue?

Thanks!
 
Solution is to run the Plesk Repair Utility.

I ran these and solved the problem:

# plesk repair db
# plesk repair web -server

Your problem could like elsewhere in the config, so if the above doesn't help, you may want to read the Plesk Repair Utilty page.
 
I have exact the same problem.
Unfortunately the tip from milan_ns doesn't work for me.
The deleted domains are still listed inside /usr/local/psa/var/modules/letsencrypt/etc/live and /usr/local/psa/var/modules/letsencrypt/etc/renewal/ dir.
This problem is really annoying, especially since no one in the plesk team seems to care about it for more than a year! :(
 
I can also confirm that the problem still (or again) exists - at least for 1 certificate that was deleted as it is no longer needed. Was this issue reported? I can't find an entry under reports?
 
You must log in or register to reply here.

Similar threads

S
Issue Let's Encrypt/SSL It! empty domain name error
Replies
8
Views
1K
SilentWarrior
S
Bitpalast
Question How to remove SSL renewal attempts for good?
Replies
8
Views
2K
Bitpalast
Bitpalast
sweetp
Question SSL renewed/created hook?
Replies
2
Views
271
sweetp
sweetp
W
Question Wanted: Best practice for certificates (Lets Encrypt) two separate Plesk servers for www and mail
2
Replies
20
Views
2K
W4ru
W
L
Issue ( authorization token is unavailable ) Could not issue/renew Let`s Encrypt certificates
Replies
7
Views
2K
Leta
L
Back
Top