Let's Encrypt auto renew is not working for domains or Plesk with renamed certificates

Denis Pankov

Updated January 13, 2026 19:13

kb: bug Plesk for Linux ext: le ABT: Group A

If you reuse this article in some tickets, ask customers why it is important to them to rename LE certificates. Post their answers to https://jira.plesk.ru/browse/EXTLETSENC-483 as comments

Applicable to:

Plesk for Linux

Symptoms

Let's Encrypt auto-renew task is not working for Plesk or a domain.
Plesk log /var/log/plesk/panel.log contains following entries with debug being enabled:

CONFIG_TEXT: INFO [extension/letsencrypt] Check if Panel or Mail Server is secured by Let's Encrypt certificate...
INFO [extension/letsencrypt] Panel or Mail Server is not secured by the Let's Encrypt certificate.

Cause

Let's Encrypt extension bug #EXTLETSENC-483 (Cannot auto-renew certificates in Plesk if they were renamed previously) which is planned to be fixed in future product updates.

Let's Encrypt auto-renew feature relies on certificate names and does not recognize certificate names other than Lets Encrypt example.com on domain level and Lets Encrypt certificate on server level..

Resolution

Until a fix became available, as a workaround, renew the certificate manually:

Securing Plesk

Log in to Plesk.
Renew the certificate manually in Tools & Settings > SSL/TLS Certificates > + Let's Encrypt:

Securing particular domain

Log in to Plesk.
Renew this certificate manually from Domains > example.com > SSL/TLS Certificates > Get it free.

mceclip0.png
(20 KB)
22.PNG
(10 KB)
23.PNG
(30 KB)