Applicable to:
- Plesk for Linux
Symptoms
- A domain secured with Let's Encrypt was removed from the server.
- Let's Encrypt notifications about the domain are still sent to the customer's email that was used to issue the certificate.
Cause
The server has certificate leftovers. This is caused by the bug EXTLETSENC-643, which is planned to be fixed in future updates.
-
The directory
/usr/local/psa/var/modules/sslit/etc/live/example.com/exists on the server, and/or -
The certificate has entries present in the database:
# plesk db "SELECT * FROM certificates WHERE name LIKE '%example.com%'"
Resolution
Remove the certificate leftovers from the server:
Note: Notifications are sent with a one-day delay, so a notification may still be sent after applying the solution.
-
Log in to the server via SSH
-
Move or delete the
/usr/local/psa/var/modules/sslit/etc/live/example.com/directory:# mv /usr/local/psa/var/modules/sslit/etc/live/example.com/ ~/
-
Move or delete any files that mention the domain in the
./ordersfolder# for i in $(grep -irl "example.com" /usr/local/psa/var/modules/letsencrypt/orders/); do mv $i ~/; done
-
If any records exist in the database, remove them as well:
# plesk db "DELETE FROM certificates WHERE name='Let's Encrypt example.com'"
Comments
4 comments
Still getting the same mails every day.
Maybe it's a problem between letsencrypt extension and sslit extension?
Cause sslit/orders doesn't exists, it's letsencrypt/orders.
Maybe re-check this combination.
Qhiliqq The article has been updated. Thank you.
Please note that the notifications with the subject line "Could not issue/renew Let`s Encrypt certificates for Client Name" do not contain an unsubscribe link like is suggested in this article. Is there a timeline on a structural fix?
Maarten Machiels Thank you. The article has been updated. There is no ETA at the time.
Please sign in to leave a comment.