• Please be aware: Kaspersky Anti-Virus has been deprecated
    With the upgrade to Plesk Obsidian 18.0.64, "Kaspersky Anti-Virus for Servers" will be automatically removed from the servers it is installed on. We recommend that you migrate to Sophos Anti-Virus for Servers.
  • The Horde webmail has been deprecated. Its complete removal is scheduled for April 2025. For details and recommended actions, see the Feature and Deprecation Plan.

Issue LetsEncrypt certificates no longer automatically renewing, even though Plesk says they should

K

Koert

New Pleskian
Server operating system version
AlmaLinux 8.10 (Cerulean Leopard)
Plesk version and microupdate number
18.0.63 #1
I am having issues with LetsEncrypt that used to automatically renew just fine, but recently stopped automatically renewing even though Plesk says that auto renewal is turned on for the domain, it doesn't renew. Does anyone have any clue what could be wrong, or how I can figure out what could be wrong?
 
I have two identical servers that suddenly stopped auto-renewing wildcard certificates from LetsEncrypt somewhere back in March or April. (probably earlier, but that's when they started expiring). I can manually renew them, and have had to do that twice since then. But they still do not auto-renew.

The best trouble-shooting I've been able to accomplish was that LetsDebug gave me errors connecting to the website when the website had both IPv4 and IPv6. Removing IPv6 (AAAA) DNS records immediately cleared up the LetsDebug errors and the manual renewals proceeded. I'm waiting to see if that fixes the auto-renew, but I won't know until the first week of October (30 days from expiration).

But its a bit counter-productive to have to delete AAAA records from sites.

Plesk is fully updated (18.0.63 Update #1) on both servers, running Debian 10.13 (1&1/IONOS repo). Above errors were present after the last Plesk update.
 
mopanim said:
Removing IPv6 (AAAA) DNS records immediately cleared up the LetsDebug errors and the manual renewals proceeded
Click to expand...
I ran into this once a while back. That implies there's an IPv6 connection or configuration problem. LE will try to connect from multiple source IPs and if it fails to connect it won't renew the cert.
 
You must log in or register to reply here.

Similar threads

R
Issue SSL/TLS cert for mail server not updating (Lets Encrypt)
Replies
2
Views
540
tessa67
T
H
Resolved Wildcard SSL Certificate Auto Renewals not Working for Let's Encrypt with External DNS
Replies
6
Views
5K
NickSick
N
mazterizes
Issue SSL Certificate Renewal Woes - Seeking Expert Advice
Replies
0
Views
982
mazterizes
mazterizes
T
Question ipv6 plesk correct config
Replies
4
Views
1K
tlatch52
T
M
Issue Letsencrypt not automatically updating certificate
Replies
0
Views
990
mr-wolf
M
Back
Top