Plesk for Windows
Plesk for Linux
kb: technical
ext: le
ABT: Group A
Applicable to:
- Plesk for Linux
- Plesk for Windows
Symptoms
-
External DNS is used for the domain example.com.
-
Cannot renew wildcard certificate with the following messages received by Plesk administrator:
CONFIG_TEXT: Cannot renew LE: Skip wildcard certificate renewal for the domain 'example.com'. TXT record could not be created automatically. Try to renew domain certificate manually.
Cause
TXT record has not been added or updated on domain example.com on external DNS side: when external DNS is used it is required to add TXT record manually each time to re-issue Let's Encrypt certificate.
Resolution
- Add TXT record on external DNS side
- Log into Plesk
- Re-issue certificate in Domains > example.com > SSL/TLS Certificates.
Comments
1 comment
This is correct for the initial installation or manual reissue, but it appears that the current implementation of Let's Encrypt management tools has a limitation that it can not automatically renew a wildcard certificate if the DNS is hosted on an external server (i.e., AWS or other cloud provider) without manually reissuing it from the domain host and manually updating the acme_challenge txt record on the external DNS every time it must be renewed.
https://support.plesk.com/hc/en-us/articles/12377508658839--How-to-install-wildcard-certificates-in-Plesk-with-Let-s-Encrypt
Please sign in to leave a comment.