Starting on October 19, 2021, we will enable single-sign-on for our Plesk Support Center to provide a seamless login/account experience. This implies that you’ll be able to use a single account across any of our web-facing properties.
To be prepared for this change and to avoid the need to register during your next ticket submission after the change, we encourage you to create an account here before October 19 using the same email address as your current Zendesk login (support account). It’s essential that you use the same email address on our support center to ensure that your tickets stay attached to the same account. You will continue to use ZenDesk authentication until we switch over to single-sign-on on October 19th.

Let's Encrypt auto renew is not working for domains or Plesk with renamed certificates

Follow

Comments

20 comments

  • Avatar
    Mark Wijsman

    Any clue on when this will be fixed? As for the past i've told all my customers to ignore the emails from let's encrypt because it's just a reminder that the certificate will be renewed, I'm getting a lot of annoyed emails about SSL errors every day.

    0
    Comment actions Permalink
  • Avatar
    Anzhelika Khapaknysh

    @Mark Wijsman,

    There is no ETA at the moment.
    I do recommend applying the workaround until the bug is fixed.

    0
    Comment actions Permalink
  • Avatar
    Betafer

    Hello, any news ?

    0
    Comment actions Permalink
  • Avatar
    Alexey Lapshin

    Hello @Betafer

    The fix is planned to be implemented in the next major release of extension, however there is no exact ETA for it currently.

    0
    Comment actions Permalink
  • Avatar
    Ariel Lipschutz

    Any update?

    your workaround doesn't work if you have a lot of domains!

    The email has no information about what domain is expired/having problems...

    At least, you could add what domain is not renovating

    0
    Comment actions Permalink
  • Avatar
    Pierre Lauret

    version 2.9.0 seems to have corrected this bug ?

    [-] Auto-renew of SSL/TLS certificates no longer fails after a secured domain or subdomain was renamed. (EXTLETSENC-768)

    0
    Comment actions Permalink
  • Hi Ariel Lipschutz,

    It is still planned for the next major release of the extension, but no ETA yet :(

    Hi Pierre Lauret,

    No, it's not yet fixed as the bug you're pointing out is another one.

    0
    Comment actions Permalink
  • Avatar
    Kevin Mamaqi

    Any update on this issue? It is really annoying.

    0
    Comment actions Permalink
  • Avatar
    Ivan Postnikov

    Hello Kevin Mamaqi

    The recent reply of my colleague is still actual: the exact ETA is to be available later.

    As soon as there'll be any news, the article will be updated.

    0
    Comment actions Permalink
  • Avatar
    David / Curtis

    I am now getting this notice on some sites every 48 hours on v.2.9.0-611. I can't run a business this way.

    At this point I need to know how to downgrade both Plesk and Let's Encrypt to something that works.

    0
    Comment actions Permalink
  • Avatar
    Ivan Postnikov

    Hello David / Curtis

    The issue from this article happens with renamed certificates only.

    Most probably you have another root cause and investigation of your issue is required. Plesk downgrade is an impossible operation.

    Could you submit a request to Plesk support for additional investigation?

    0
    Comment actions Permalink
  • Avatar
    Henry C. Lavau

    The strange thing is that

    1. Even after a successful manual renewal, Plesk will continue to try to renew a valid certificate up to three months in advance

    2. But it will fail, sending an email stating that the certificate has expired

    3. Until you deactivate https: then it will renew successfully

    I hope these bugs will be fixed in order to get an automatic renewal

    1
    Comment actions Permalink
  • Avatar
    Matt Kennedy

    This is an absolutely disastrous bug. Why isn't it top priority? 

    2
    Comment actions Permalink
  • Avatar
    Ivan Postnikov

    Hello Matt Kennedy

    This ticket has quite high priority internally and it will be fixed. Stay tuned for Plesk change logs updates.

    0
    Comment actions Permalink
  • Avatar
    Ulf Stolberg

    any news after so many month? :-|

    0
    Comment actions Permalink
  • Avatar
    Jaŭhien

    Hi!
    I have 3 servers on Plesk. 2 servers have this problem with all domains.
    Please fix urgently.

    0
    Comment actions Permalink
  • Avatar
    Ian (Edited )

    This bug is such a pain point for us. We need our mail server to remain secured. Having to set reminders to go back in and manually renew the Mail certificate before it expires - and if not finding mail servers have gone down/mail rejected (and this is across multiple plesk servers).

    Renewing manually is awful - there is no individual update button per item (Plesk or Mail) - there is no date saying when the certficate(s) expires/expired -  the add button doesn't let you choose which (Plesk or The Mail Server) to add the new certificate to - it just adds it to Plesk - and if you don't rename it from the default, adding again doesn't add - it just overwrites the first cert with the different url - rather than creating a second. So you have to go through this horrendous process (all we can find that works) on the SSL/TLS Certificates page of setting both (plesk and mail) to default certificate, deleting the two you had, click add for the mail server with a url of mail.mydomain.com, then rename it to Mail SSL, then unassign it from Plesk, so that you can then assign it Mail, then click add again with a url of mydomain.com for the Plesk one.

    Why on earth we are having to do this manually with Plesk installed. This bug seems to have been around for so long now and is making us seek alternatives to Plesk.

    0
    Comment actions Permalink
  • Avatar
    Jennifer Arsenault

    I just got a warning via email for one of my domains. This is the first time I've seen this. The automatic renewal worked in June. When I log into Plesk, it says, "Valid To September 10, 2021 Will be automatically renewed". I don't see a way to renew manually. Can you give step-by-step details on how to renew manually?

    0
    Comment actions Permalink
  • Avatar
    Henry C. Lavau
    1. On the domain, go to SSL/TLS Certificate
    2. Unset all options (on the right)    <= this is the trick
    3. Click above on the "Reissue Certificate" button
    4. After reissued, reset all options (on the right)
    0
    Comment actions Permalink
  • Avatar
    jon shipman

    I had to remove webroot/.well-known for mine to renew. 

    Probably a separate, permissions issue in my case, but adding here for SEO.

    0
    Comment actions Permalink

Please sign in to leave a comment.

Have more questions? Submit a request