• Please be aware: Kaspersky Anti-Virus has been deprecated
    With the upgrade to Plesk Obsidian 18.0.64, "Kaspersky Anti-Virus for Servers" will be automatically removed from the servers it is installed on. We recommend that you migrate to Sophos Anti-Virus for Servers.
  • The Horde webmail has been deprecated. Its complete removal is scheduled for April 2025. For details and recommended actions, see the Feature and Deprecation Plan.
  • We’re working on enhancing the Monitoring feature in Plesk, and we could really use your expertise! If you’re open to sharing your experiences with server and website monitoring or providing feedback, we’d love to have a one-hour online meeting with you.

Issue Problem with Lets Encrypt / SSL IT

N

nucknuck

Basic Pleskian
Hello everyone,

I hope to get help with the following problem:


System: Ubuntu 20.04.3 LTS
Plesk: Version 18.0.38 Update #2

Issue:

2 cronjobs, run once a hour (installed by default with plesk and the extensions)

/opt/psa/admin/bin/php -dauto_prepend_file=sdk.php '/opt/psa/admin/plib/modules/letsencrypt/scripts/keep-secured.php'
/opt/psa/admin/bin/php -dauto_prepend_file=sdk.php '/opt/psa/admin/plib/modules/sslit/scripts/keep-secured.php'

Problem:

Every hour the cronjobs cause that the ssl certifivates of all domains will be checked and renewed.
This causes many apache and nginx restarts and after 5 hours I get an error from the lets encrypt api according to muchg requests in a certain time (block for 168 hours).


What is going wrong?
Plesk basic setup, created subscription with domain and created certificate.
 
Tried to deinstall and reinstall both extensions - the same.

Anyone out there who can perhaps tell me if these cronjobs are correct in trying to renew the certificates each hour?!
 
Normally the extensions should detect that the certificates do not need to be renewed yet. That should only happen when the remaining lifetime is less than a month.
Premature retrieval should only happen if a) the option was given to force renewal b) the certificates are missing.
Do both extensions renew the certificates or only one of them? It should be possible to tell from the emails.
If it is just one of them, there must have a forced renewal sneaked into its configuration.
If both, then they are somehow desynced and toss out each other's certificates.

Try disabling one set of cronjobs (letsencrypt has 2, sslit 4) to see what happens.
 
Hello together...

I really need help because the automatic tasks for lets encrypt and SSLit are still causing errors.

As I have described, the tools keep trying to renew the certificates.
Every hour, always because of the cron job.

As a result, this error occurs. The same thing happens every new hour (cron job).As a result it happens

Code: 
[2021-11-09 07:55:02.140] 7911:618a1b45234ba ERR [extension/sslit] Unable to renew domain  example.com certificate automatically Invalid response from https://acme-v02.api.letsencrypt.org/acme/new-order.
Details:
Type: urn:ietf:params:acme:error:rateLimited
Status: 429
Detail: Error creating new order :: too many certificates (5) already issued for this exact set of domains in the last 168 hours: example.com,webmail.example.com,www.example.com: see https://letsencrypt.org/docs/rate-limits/
 
You must log in or register to reply here.

Similar threads

W
Resolved scheduled task ERROR | /opt/psa/admin/bin/php -dauto_prepend_file=sdk.php '/opt/psa/admin/plib/modules/xovi/scripts/analyze-logs.php'
Replies
2
Views
1K
Wolfgang Reidlinger
W
W
Resolved 6 identical (default) task in the scheduled tasks overview
Replies
7
Views
2K
Wolfgang Reidlinger
W
W
Question scheduled task ERROR |
Replies
3
Views
1K
WebHostingAce
WebHostingAce
S
Issue Specified column is not in the row
Replies
1
Views
812
Peter Debik
P
W
Resolved Nextcloud installation and scheduled tasks throw "Php handler does not exists"
Replies
7
Views
2K
Peter Debik
P
Back
Top