Facebook
Twitter
hellostorm
New Pleskian
- Server operating system version
- AlmaLinux release 8.7 (Stone Smilodon)
- Plesk version and microupdate number
- Plesk Obsidian Web Host Edition Version 18.0.51
Good morning all,
I've recently purchased a server from 1&1 with Plesk installed on it. It's mostly self-explanatory however I've hit a bit of a wall with a certain issue surrounding SSL certificates.
On a separate server I have using cPanel my SSLs are using Let's Encrypt and are renewed automatically by AutoSSL which is what I want to happen within my Plesk server. The SSLs in cPanel covers example.com and www.example.com but not subdomains so I believe this isn't using Wildcard SSL certificates like I'm trying to with Plesk.
I've read over so many articles in the forum but some are out-of-date so wondered if there was someone who knew how to auto renew wildcard SSLs for domains using an external DNS? I've read about some people using acme.sh but not sure if this is the right solution? All of my clients have their DNS registered with their own various registrars.
These are the articles I've read:
talk.plesk.com
talk.plesk.com
talk.plesk.com
I would just like to have wildcards certificates auto renewed every 3 months automatically without having to find logins for my clients domains, change the DNS record etc. it would save me a lot of time trying to chase down credentials and going through 60 odd websites doing this with lots of different expiration dates is quite time consuming. There must be a way to automate this?
I'd appreciate any help here as I'm at a bit of a loss. The errors I'm getting in my /var/log/plesk/panel.log file are:
[2023-04-18 07:46:08.188] 1799053:643e4ab96c3fc ERR [extension/sslit] Failed to renew certificate of domain 'example.com': Invalid response from https://acme-v02.api.letsencrypt.org/acme/authz-v3/220394752127.
Details:
Type: urn:ietf
arams:acme:error:unauthorized
Status: 403
Detail: Incorrect TXT record "CGMKSefHUHyATKnEoWE-rAaLW10475mO9ydLAmpxXGc" found at _acme-challenge.example.com
But I've checked and this DNS record does exist and it has done for the last couple of months when I first setup this domain.
If anyone has any ideas I could try, please let me know.
Thanks!
I've recently purchased a server from 1&1 with Plesk installed on it. It's mostly self-explanatory however I've hit a bit of a wall with a certain issue surrounding SSL certificates.
On a separate server I have using cPanel my SSLs are using Let's Encrypt and are renewed automatically by AutoSSL which is what I want to happen within my Plesk server. The SSLs in cPanel covers example.com and www.example.com but not subdomains so I believe this isn't using Wildcard SSL certificates like I'm trying to with Plesk.
I've read over so many articles in the forum but some are out-of-date so wondered if there was someone who knew how to auto renew wildcard SSLs for domains using an external DNS? I've read about some people using acme.sh but not sure if this is the right solution? All of my clients have their DNS registered with their own various registrars.
These are the articles I've read:
Issue - No automatic renewal of wildcard certificates when dns is set as secondary in plesk
On daily basis I’m getting errors by mail for renewing the lets encrypt wildcard certificates. Skip wildcard certificate renewal for the domain 'XXX'. TXT record could not be created automatically. Try to renew domain certificate manually. This seems to be related to the fact that I’m using a...
talk.plesk.com
Resolved - Let's encrypt - auto-renew with external primary DNS server?
All the domains hosted on my Plesk server are managed through an external DNS server. As far as I understand, this setup is not compatible with automatically renewing certificates from Let's Encrypt because the Plesk server needs direct access to the DNS records. So, for this to work, Plesk...
talk.plesk.com
Issue - Let's Encrypt Issues with Renewal
I'm using Let's Encrypt to secure my domains via wildcard certificates. It's set to renew the first day of every month, no matter how old the certificate is. Unfortunately that hasn't been working for quite a while now and i'm tired of manually renewing now. I get the following via mail for all...
talk.plesk.com
I would just like to have wildcards certificates auto renewed every 3 months automatically without having to find logins for my clients domains, change the DNS record etc. it would save me a lot of time trying to chase down credentials and going through 60 odd websites doing this with lots of different expiration dates is quite time consuming. There must be a way to automate this?
I'd appreciate any help here as I'm at a bit of a loss. The errors I'm getting in my /var/log/plesk/panel.log file are:
[2023-04-18 07:46:08.188] 1799053:643e4ab96c3fc ERR [extension/sslit] Failed to renew certificate of domain 'example.com': Invalid response from https://acme-v02.api.letsencrypt.org/acme/authz-v3/220394752127.
Details:
Type: urn:ietf
arams:acme:error:unauthorizedStatus: 403
Detail: Incorrect TXT record "CGMKSefHUHyATKnEoWE-rAaLW10475mO9ydLAmpxXGc" found at _acme-challenge.example.com
But I've checked and this DNS record does exist and it has done for the last couple of months when I first setup this domain.
If anyone has any ideas I could try, please let me know.
Thanks!
