Suddenly I’m getting this error on a domain I added to my Plesk 12.5 panel the other day. I have another domain that I renewed the certificate on about a week ago without issues. Please help!
Error: Let's Encrypt SSL certificate installation failed: Failed letsencrypt execution: Install certificate failure: Unable to set certificate name :
IMPORTANT NOTES:
- Congratulations! Your certificate and chain have been saved at /opt
/psa/var/modules/letsencrypt/etc/live/thetorturedsoul.net-0001/full
chain.pem. Your cert will expire on 2016-07-05. To obtain a new
version of the certificate in the future, simply run Let's Encrypt
again.
It looks like you’ve created more certificates rather than renewed your existing ones. I’m guessing the error message is because the client couldn’t alter your config since it had already been altered and you no longer had any non-SSL domains.
You’ll notice the message refers to “thetorturedsoul.net-0001” rather than “thetorturedsoul.net”. The client hasn’t renewed, it’s recreated.
What command did you use? You should have used something like “letsencrypt renew”.
I added thetorturedsoul.net to my Plesk Panel (under domains) the other day and used “Install Certificate” from the “Let’s Encrypt” menu option under the domain. I may have already had this domain setup (with SSL) but deleted it.
I have zero experience with Plesk! I couldn’t say what you need to do in it’s Panel. I’ve only ever used the (FreeBSD port of the) official Let’s Encrypt client.
If you have the client installed, from the command line I’d run “letsencrypt renew”. The client automatically detects what certificates you have, and renews them if they have less than 30 days to expiry.
I’m guessing the Plesk Panel only requests certificates, it doesn’t renew them. I’d create a cron job to regularly attempt renewal via the client.
They just released a new version of the client today! (v0.5)
I’ve successfully renewed the certificate on my other domain thru Plesk. It’s actually very simple, and was free since I used Plesk. Is there something I can do via Ubunto 14.04 console?
What do you mean “free since I used Plesk”? Let’s Encrypt is free regardless
The client is free to download, free to use and certificates are free to obtain and free to renew. If you really have no luck playing with Plesk, just use the client.
And I mean any client, there are many. I use the official one since it’s convenient through Ports on FreeBSD, but there are bash, ruby, python, java, and Windows clients available. Find one that suits you in the following list:
When I began looking for an SSL certificate, a Google search revealed “Let’s Encrypt, free for Plesk Users”
Anyway, it’s probably something simple I am missing. It installed fine on my main domain and is ready to renew whenever I need to.
The domain in question used to use Let’s Encrypt, but I removed it from Plesk and later set it up again at which point I got the error in my original post.
I’m running LAMP Ubunto 14.04 with PHP 5.5.9 and Apache 2.
Are the certs stored somewhere in my file system? Do I need to delete something that may be causing a conflict?
They should be. According to the error you got in your original question it says your "-0001" cert was saved in /opt/psa/var/modules/letsencrypt/etc/live/thetorturedsoul.net-0001/. Your original certs should be in the same tree (minus the -0001).
Using the client, the certs are stored in /usr/local/etc/letsencrypt on FreeBSD, and I think it's just /etc/letsencrypt for linux.
I actually deleted everything (rm -rf) in /usr/local/etc/letsencrypt and started again, but I'm not sure how Plesk would react to that.
Thanks for the reply! I removed all “old” keys and files related to those keys. Now I get this error:
Error: Let's Encrypt SSL certificate installation failed: Failed letsencrypt execution: An unexpected error occurred:
There were too many requests of a given type :: Error creating new cert :: Too many certificates already issued for exact set of domains: thetorturedsoul.net,www.thetorturedsoul.net
Figured it out (searched existing posts). 5 certs per 7 days allowed. I’ll report back after 7 days to say if it worked or not.
