• The APS Catalog has been deprecated and removed from all Plesk Obsidian versions.
    Applications already installed from the APS Catalog will continue working. However, Plesk will no longer provide support for APS applications.
  • Please be aware: with the Plesk Obsidian 18.0.78 release, the support for the ngx_pagespeed.so module will be deprecated and removed from the sw-nginx package.

Question Plesk: LetsEncrypt renewals sporadically failing/skipped

P

Paul Larson

Basic Pleskian
Server operating system version
Ubuntu 22.04.5 LTS
Plesk version and microupdate number
Plesk Obsidian 18.0.71.1
I don't have specifics, but I do seem to have domains fail, causing an alert, because their SSLs are expired. All are on Plesk servers. My issue is identical to this 2024 thread:

Issue - LetsEncrypt certificates no longer automatically renewing, even though Plesk says they should

I am having issues with LetsEncrypt that used to automatically renew just fine, but recently stopped automatically renewing even though Plesk says that auto renewal is turned on for the domain, it doesn't renew. Does anyone have any clue what could be wrong, or how I can figure out what could be...
talk.plesk.com talk.plesk.com

Just wanted to see if anyone else experiencing this.

Picking today's domain, for example, I don't see any email alert of an issue. I'm accustomed to emails like this:

Subject: Could not issue/renew Let`s Encrypt certificates for ...
Body:
Code: 
Invalid response from https://acme-v02.api.letsencrypt.org/acme/[redacted]
Details:
Type: urn:ietf:params:acme:error:unauthorized
Status: 403
Detail: 67.205.170.6: Invalid response from https://example.com/.well-known/acme-challenge/[redacted]: 404

** 'Lets Encrypt example.com' [already expired] **
[-] example.com
[-] www.example.com

I'll be honest - I don't always pay attention to these emails because I get so many of them, and sometimes the failures are 'correct', and no site is down.

But, the domain that failed today has no accompanying email alert.
 
Hello, @Paul Larson . Couple of questions:

  1. Is the DNS of the domain name(s) managed locally?
  2. Are those wildcard certificates?
  3. What's the option selected in in Plesk > Service Plans > SERVICE_PLAN_NAME > Additional Services tab > SSL It!?
  4. Can you please check /var/log/plesk/panel.log and confirm if there are any relevant errors logged?
 
You must log in or register to reply here.

Similar threads

E
Resolved Can not re issue Lets Encrypt SSL Certificat
Replies
14
Views
6K
elChupete
E
B
Issue Unable to issue a Let's Encrypt certificate for domain with forwarding hosting type: nginx is not installed or is disabled on the Plesk server
Replies
1
Views
2K
Sebahat.hadzhi
Sebahat.hadzhi
M
Question Let's encrypt certificate emails do not contain certificate details
Replies
2
Views
1K
MHC_1
M
F
Resolved SSL It! / Lets Encrypt /wildcard auto renew not working
Replies
3
Views
3K
fabs
F
kristobal1969
Issue Plesk 18.0.70 and Could not issue/renew Let's Encrypt certificates
Replies
11
Views
7K
marcomarsala
M
Back
Top