Note: This article has the reference to the issue with the fix available:
- #EXTLETSENC-447 "Fixed the issue where, if a domain with uppercase letters in the name and its www alias and/or webmail were secured with a Let’s Encrypt certificate, Let’s Encrypt tried retrieving certificates every hour, exceeding rate limits and sending misleading email notifications to the domain’s owner, if the “Keep secured” option was enabled for the domain."
- Let’s Encrypt 2.5.1 27 February 2018
- Every hour Let's encrypt tries to renew SSL not in time (the certificate should not be renewed now), if domain name contains upper case letters (like, EXAMPLE.COM).
- The following entries appear in
CONFIG_TEXT: WARN [extension/letsencrypt] Cannot issue certificate to keep secured domain 'EXAMPLE.COM'. Invalid response from https://acme-v01.api.letsencrypt.org/acme/new-cert.
- A notification with the following content is sent to the domain owner:
CONFIG_TEXT: Could not secure domains of Jon Doe (login admin) with Let's Encrypt certificates. Please log in to Plesk and secure the domains listed below manually.
Securing of the following domains has failed:
Invalid response from https://acme-v01.api.letsencrypt.org/acme/new-cert.
Detail: Error creating new cert :: too many certificates already issued for exact set of domains: example.com,webmail.example.com,www.example.com: see https://letsencrypt.org/docs/rate-limits/
The following Let's Encrypt certificates have been renewed without some of their Subject Alternative Names:
This is a bug #EXTLETSENC-447 that will be fixed in future product updates.
As a workaround, rename the domain in Plesk so that it is written in lower case only in Plesk > Domains > EXAMPLE.COM > Hosting Settings.