Symptoms
The following notification about a failed attempt to renew the Let's Encrypt certificate is received:
CONFIG_TEXT: Could not secure domains of Administrator (login admin) with Let`s Encrypt certificates. Please log in to Plesk and secure the domains listed below manually.
Securing of the following domains has failed:
** 'sub.example.com' **
Missed domain names failed to pass validation:www.sub.example.com
The following domains have been secured without some of their Subject Alternative Names:
<none>
Could not renew Let`s Encrypt certificates for Administrator (login admin). Please log in to Plesk and renew the certificates listed below manually.
Renewal of the following Let`s Encrypt certificates has failed:
<none>
The following Let`s Encrypt certificates have been renewed without some of their Subject Alternative Names:
<none>
Legend:
[+] This domain is secure. The domain's SSL/TLS certificate from Let`s Encrypt has been issued/renewed.
[-] This domain is not secure. Either the domain's SSL/TLS certificate from Let`s Encrypt could not be issued/renewed or the domain name was excluded from the certificate. Renew the certificate manually or request a new one to secure this domain.- Subdomains www.sub.example.com and webmail.sub.example.com have no valid A records.
- The existing certificate is issued for the domain and www.*, and webmail subdomains
- "Keep secured" option is enabled for the domain
- DNS settings are managed outside of Plesk
Cause
Plesk renews the certificate for the domain and all subdomains and aliases specified. When the subdomain cannot be reached, the Let's Encrypt validation fails.
Resolution
Depending on the case, apply one of the following:
- Provide valid A records for all subdomains and aliases that are to be secured
- Or manually reissue the Let's Encrypt certificate for the domain and exclude "www", "webmail", and aliases that don't resolve to the server IP from the certificate
Comments
Please sign in to leave a comment.