Hello,
I am a complete newbie. I am trying to manage a server on a volunteer basis. I am new to this system. Now a message arrived on my inbox, that the certificate will expire soon (28.02.2023). I don’t know if I need to act. The website tells me that the certificate will be renewed automatically. But still I get message to update/renew my certificate.
Do I need to run something manually, or will there be an automatic update, or should I try to force update? But I don’t know how. That’s where I need help please.
Please fill out the fields below so we can help you better. Note: you must provide your domain name to get help. Domain names for issued certificates are all made public in Certificate Transparency logs (e.g. crt.sh | example.com), so withholding your domain name here does not increase secrecy, but only makes it harder for us to provide help.
Well, you know. Also you started as a newbie one day. You comment is complete useless. If you want to participate for a community, you should start/lean also helping newbies, instead of writing nonsense comments.
At the risk of sounding unhelpful this forum is probably not the best first stop for you. It looks like you have a hosting provider (Strato) that setup a configuration system (Plesk) for you.
That Plesk system should be able to get and renew certs automatically. Failures of that are best asked of the person who set that up. In this case Strato. If nothing else they should be able to point you to better aids for debugging. After all, you are paying them for this service.
9peppe pretty much said this same thing in the second post. I'm just adding extra color.
Also, I think with just 19 days remaining on your cert you should be concerned. You certainly have some time (19 days) but usually auto-renewals are done with 30 days remaining so it seems like something has gone wrong. That is why Let's Encrypt sends friendly warning emails with just 20 days remaining.
From your cert history it looks like something changed dramatically last Nov (link here). That's a good place to focus attention and ask Strato what that was.
If that fails come back here but our abilities to debug config systems setup by someone else are sometimes limited.
In November the server was reinstalled. Then I configured SSL. Nothing special happend. Of cause I'll contact Strato as well.
Thinking about a possible path to solve the issue, would it be ok to remove all certificates and recreate?
But what did I wrong that the auto-renewal does not work? I would like to prevent that issue. Hence, any tipp that might be important to do it right?
It is never a good idea to remove perfectly good certs.
If you are having trouble getting new ones, then don't let go of the ones you have [until you are sure you can get new ones - even then I'd get the new one first].
That said, you could still try that; And undo it, if it goes awry, by first backing up the entire {insert your ACME clients' cert path here} folder.
Of cause doing it in the right order and not deleting is key. For now I 'disconnected' the cert from the domain. Then I requested/created a new certificate, and assigned it to the domain. This seems to solve my problem for now. Next renewal is now shown for end of march. So looking forward if it renew automatically or if I need to 'refresh' again.
