Articles in this section

See more

Let's Encrypt notification mail: Your certificate (or certificates) for the names listed below will expire in days

Avatar
Renan Moreira
Updated
Follow
kb: technical ext: le ABT: Group A

Applicable to:

  • Plesk for Linux
  • Plesk for Windows

Symptoms

  • Let's Encrypt certificate expiration notification mails for domain "example.com" is delivered from Let's Encrypt (expiry@letsencrypt.org):

    CONFIG_TEXT: From: Let's Encrypt Expiry Bot expiry@letsencrypt.org
    To: admin@example.com
    Subject: Let's Encrypt certificate expiration notice for domain "example.com" (and 1 more)
    Hello,
    Your certificate (or certificates) for the names listed below will expire in 7 days (on 17 Aug 17 00:00 +0000). Please make sure to renew your certificate before then, or visitors to your website will encounter errors.
    example.com
    www.example.com
    example.staging.com
    [...]

    Regards,
    The Let's Encrypt Team

  • In a browser example.com certificate shows certificate expiration date far from the one in the email notification.
  • The current certificate has additional domains and/or aliases included.

    CONFIG_TEXT: example.com
    www.example.com
    webmail.example.com
    mail.example.com
    plesk.example.com
    example.org (ALIAS)

Cause

The certificate for domain example.com was not renewed but re-installed as new domains and/or aliases are included/excluded.

Since Let´s Encrypt checks certificates by their included CA´s this will cause the new certificate to not overwrite the old notification alert.

Resolution

  1. Log in to Plesk
  2. Navigate to Domains > example.com > SSL/TLS certificates and check if there are any Let's Encrypt certificates that are not in use anymore.

    If such certificates are not found, these notifications can be safely ignored.
    To unsubscribe from notifications click on the 'unsubscribe' link which is contained in every email. If there is no such link, contact Let's Encrypt Community Support

Comments

2 comments

Sort by Date Votes
  • Avatar
    Unknown User

    "Ignore the email" isn't really a solution. I currently have three certificates emailing me each day, one 27 days from expiry, one 17, one already expired. The solution here means I will get three emails every day forever, and inevitably that number will grow.

    The alternative is I set up a message rule that puts these messages in a folder, or turn off the notification completely, either of which completely defies the point of the notification.

    0
    Comment actions Permalink
  • Avatar
    Alexandr Tumanov

    @Ian, these notifications are not managed by Plesk. According to Let's Encrypt documentation, there should be a link to unsubscribe. Could you please check?

    Let's Encrypt documentation. Expiration Emails

    0
    Comment actions Permalink

Please sign in to leave a comment.

Have more questions? Submit a request

Related articles