kb: technical
ext: le
ABT: Group A
Symptoms
-
External DNS is used for the domain example.com;
-
Cannot renew wildcard certificate with the following messages received by Plesk administrator:
CONFIG_TEXT: Cannot renew LE: Skip wildcard certificate renewal for the domain 'example.com'. TXT record could not be created automatically. Try to renew domain certificate manually.
Cause
TXT record has not been added or updated on domain example.com on external DNS side: when external DNS is used it is required to add TXT record manually each time to re-issue Let's Encrypt certificate.
Resolution
- Add TXT record on external DNS side;
- Log into Plesk;
- Re-issue certificate in Domains > example.com > Let's Encrypt.
Comments
3 comments
I have the same situation and have had it for some years now. I always to what you suggested, I manually edit the TXT record on my external DNS zone (in the OVH company's panel) and then I manually re-issue the certificate. Although this works fine, it's a pity it can't work as it works automatically with a single certificate.
I think this happens because the DNS is handled by my domain provider (OVH). How can I delegate this into my Plesk server so the DNS entries that are in Plesk are the ones that rule?
Carlos Martínez Gadea If you want to manage DNS from Plesk you can refer here https://support.plesk.com/hc/en-us/articles/360021907393--How-to-use-DNS-with-a-Plesk-server. You will need to point your NSs in OVH to Plesk. Please check the first section of the article.
This really is a pain in the butt. Why does it have to change the TXT record every time it renews? I renewed a whole bunch of certs today and then still got the notice about 6 hours later that it can't renew even though they were already renewed.
Please sign in to leave a comment.