LetsEncrypt Certificate never stabile

Frank1000 · May 2, 2019, 7:34pm

Hi, although the LetsEncrypt certificate is setup in plesk, the domain keeps showing as “Not secured” again. Not sure why the whole LetsEncrypt thing never worked reliably for me, after working sometimes, i then keep receiving same “Not secured” problems over and over again. Maybe the tech philosophy behind it has too many open ends, so handling keeps being difficult ?

Regards
Frank

My domain is: onefh.com or uptoconcept.com

I ran this command:

It produced this output:

My web server is (include version):

The operating system my web server runs on is (include version): Debian 9

My hosting provider, if applicable, is: 1u1

I can login to a root shell on my machine (yes or no, or I don’t know):

I’m using a control panel to manage my site (no, or provide the name and version of the control panel):

The version of my client is (e.g. output of certbot --version or certbot-auto --version if you’re using Certbot):

schoen · May 2, 2019, 10:46pm

Hi @Frank1000,

Do you mean that you get a browser security warning when accessing these domains, or that your Plesk interface tells you that the domains no longer have HTTPS support?

Frank1000 · May 3, 2019, 6:09am

Hi Schoen, thx for reply. Yes, browser security warning.

Frank1000 · May 3, 2019, 7:08am

I found back this older post i once started … Repeatedly https not working on Plesk … here is the Plesk support chat log :

Alex Davydov 08:28
I have checked the error message you provided and can conclude that the issue is caused by the fact that too many certificates were created for the domain for less than a week. As the result, limit Certificates per Registered Domain which is one of the Let’s Encrypt rate limits has been exceeded.

for details please refer to this article: https://support.plesk.com/hc/en-us/articles/115000068105-Unable-to-install-a-Let-s-Encrypt-certificate-Too-many-certificates-already-issued-for-exact-set-of-domains

Frank 08:29
ok thank you. I thought i have only 1 single certificate for all domains
also, how am i being creating certificates ? I just click for LetsEncript and put my LetsEncryt email and thats all of my interaction with it.

Alex Davydov 08:31
The possible cause that there are several subdomains of this domain or there are several tries to secure the domain and its email

Alex Davydov 08:32
In any case the issue is caused by Let’s Encrypt limit

Alex Davydov 08:32
And As the limit is defined by Let’s Encrypt directly and cannot be managed through Plesk. To overcome the issue wait for this week period to pass and reissue certificate.

Frank 08:39
I c, but if i don’t change anything, then next week the same problem continues, because it continued for years now. Only once in a while the problem disappears

Alex Davydov 08:43
Please note that this limit is the limit of Let’s Encrypt and I cannot say for sure how many times this certificate was used. Please wait for a 7 days and try to regenerate the certificate.

Frank 08:45
i mean, how do i limit the times the certificate is being created ?

Alex Davydov 08:47
It is not possible to limit it due to internal structure of Let’s Encrypt i.e. it is a let’s encrypt limit

Frank 08:48
ok so there is nothing i can do right or wrong in Plesk about it ?

Alex Davydov 08:49
From Plesk side this can not be managed and it is required to wait

JuergenAuer · May 3, 2019, 9:07am

Hi @Frank1000

where are browser warnings?

Checked both domains - https://check-your-website.server-daten.de/?q=onefh.com and https://check-your-website.server-daten.de/?q=uptoconcept.com there is no error visible.

Both have a Grade H, because there is no redirect http -> https.

But both have the correct certificate (with a single domain name).

CN=onefh.com
	12.04.2019
	11.07.2019
expires in 69 days	onefh.com - 1 entry

and

CN=uptoconcept.com
	01.05.2019
	30.07.2019
expires in 88 days	uptoconcept.com - 1 entry

Add redirects http -> https.

There is another problem.

Your

https://onefh.com:8443/

doesn't use the certificate of onefh.com. There is a self signed certificate used.

But that's a different problem. And you can't use

https://onefh.com:8443/
https://uptoconcept.com:8443/

at the same time with one of these certificates with only one domain name.

Or you have to create one certificate with both domain names. But that may be impossible because of a Plesk-limitation.

Frank1000 · May 3, 2019, 7:35pm

ok thanks
:::::::::::::::

schoen · May 3, 2019, 9:54pm

Web servers should be able to handle that case using SNI, even on port 8443, if both certificates are mentioned in virtual hosts in the same web server application.

system · June 2, 2019, 9:54pm

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.

Topic		Replies	Views
Repeatedly https not working on Plesk Help	7	1940	March 1, 2019
Trying understanding LetsEncryt setup in Plesk Help	3	630	December 1, 2018
SSL on Plesk and IIS not working Help	12	1669	July 29, 2020
Trouble Renewing Certificate Help	3	665	March 27, 2019
My website still showing Not Secure Help	6	8591	May 23, 2017

LetsEncrypt Certificate never stabile

Related topics