Facebook
Twitter
- Server operating system version
- Ubuntu 18.04.6 LTS
- Plesk version and microupdate number
- Version 18.0.48, last updated on Dec 12, 2022 06:19 PM
I'm externally monitoring the actual expiry date for each domain on my different Plesk servers.
Whenever the expiry date is less than 10 days, I will get a warning on my dashboard that a certificate is about to expire.
Normally and for years nothing comes in that dashboard for domains I have configured with Plesk.
3CX occasionally fails to renew certificates, so I know the dashboard in Zabbix is working fine.
This month I'm starting to get domains that get close to their expiry date.
2 days ago I needed to manually run the letsencrypt wizard for 2 domains and today I needed to do it for 3 domains that would have expired today.
These domains run on different Plesk servers (we have 7).
No issues arise when manually updating the certificates.
It is maybe a bit early to say, but it could be that something changed in the Letsencrypt system in the last month which is causing this.
I do not know yet if each and every certificate is not updating automatically.
For this I need to investigate it better.
See this as an early warning and I will come back if I know more.
BTW....
I'm using DNS delegation with an NS-record (_acme-challenge.<domain> pointing to <domain>) on my separate DNS-server.
The webserver has DNS enabled through Plesk and has the _acme-challenge.<domain> TXT record which it is updating.
It should have no bearing on this.
It has been working for years and the manual renewing of the certificate is working flawless.
I am mentioning it, because the cronjob that does the automatic updating may not follow RFC's correctly and could have a bug which prevents it from updating the certificate.
Whenever the expiry date is less than 10 days, I will get a warning on my dashboard that a certificate is about to expire.
Normally and for years nothing comes in that dashboard for domains I have configured with Plesk.
3CX occasionally fails to renew certificates, so I know the dashboard in Zabbix is working fine.
This month I'm starting to get domains that get close to their expiry date.
2 days ago I needed to manually run the letsencrypt wizard for 2 domains and today I needed to do it for 3 domains that would have expired today.
These domains run on different Plesk servers (we have 7).
No issues arise when manually updating the certificates.
It is maybe a bit early to say, but it could be that something changed in the Letsencrypt system in the last month which is causing this.
I do not know yet if each and every certificate is not updating automatically.
For this I need to investigate it better.
See this as an early warning and I will come back if I know more.
BTW....
I'm using DNS delegation with an NS-record (_acme-challenge.<domain> pointing to <domain>) on my separate DNS-server.
The webserver has DNS enabled through Plesk and has the _acme-challenge.<domain> TXT record which it is updating.
It should have no bearing on this.
It has been working for years and the manual renewing of the certificate is working flawless.
I am mentioning it, because the cronjob that does the automatic updating may not follow RFC's correctly and could have a bug which prevents it from updating the certificate.
