My web server is (include version): Plesk Onyx Version 17.5.3 Update #25 httpd-2.2.15-60.el6.centos.6.x86_64
The operating system my web server runs on is (include version): centos 6.9
I can login to a root shell on my machine (yes or no, or I don’t know): yep
I’m using a control panel to manage my site (no, or provide the name and version of the control panel): Plesk
The certificates were running fine for quite a while, there have been some auto renewals according to https://crt.sh/?q=%mtin.de but out of the blue the auto renewal is not working anymore. I did not (knowingly) touch the server configuration so I am a bit lost how to debug this issue. I. have checked the LetsEncrypt Plesk plugin github page for issues but could not find any that are related. Any help greatly appreciated!
(the issue is not limited to this one domain, all domains hosted on this server are failing to renew now)
That should return a list of URLs in JSON format corresponding to various services provided by the ACME server. Does that work, or do you get an error?
What if you run:
curl -X POST https://acme-v01.api.letsencrypt.org/acme/new-authz
That should return an error in JSON including “Parse error reading JWS”, since you didn’t send a valid request. Does it return that, or some other error?
seems ok to me, right? also checked when curl was last updated, is way before the trouble started so also unlikely? thanks a lot for jumping in on this!
Nothing seems to be wrong with your connectivity to the API server or your system curl. The issue seems to be specific to Plesk’s plugin.
The version of the plugin you have installed was released just 7 days ago, so it could have a bug. You could try downgrading it, if possible.
The plugin is developed by Plesk, so please contact Plesk Support or their forums to report if downgrading it fixes your problem or for further assistance:
good catch! the failed renewal emails started rolling in exactly the day after the plugin was auto-updated. A simple remove and reinstall of the extension apparently fixed it, I could now manually renew the certificates from plesk! thanks a lot!