Plesk Can't Reload or Cancel SSL/TLS Certificate

Please fill out the fields below so we can help you better. Note: you must provide your domain name to get help. Domain names for issued certificates are all made public in Certificate Transparency logs (e.g. crt.sh | example.com), so withholding your domain name here does not increase secrecy, but only makes it harder for us to provide help.

My domain is: loftyliterature.com

I ran this command:

It produced this output:

My web server is (include version): Gen4 VPS Linux 16 CPU High Memory

The operating system my web server runs on is (include version): CentOS Linux 7.9.2009 (Core)

My hosting provider, if applicable, is:

I can login to a root shell on my machine (yes or no, or I don't know): yes

I'm using a control panel to manage my site (no, or provide the name and version of the control panel): Plesk Obsidian

The version of my client is (e.g. output of certbot --version or certbot-auto --version if you're using Certbot): Version 18.0.52

I had a SSL/TLS Certificate installed for this domain but it expired, and then I tried to delete it so I could re-install but when I go to SSL/TLS Certificates in Plesk I can only 'Reload' or 'Cancel'. If I Reload it says:

Your domain is not secured with a valid SSL/TLS сertificate. Order or install it to secure data transfer, credit card transactions, logins, and other personal information.

To secure your domain, order a new certificate from the list below or upload an already purchased certificate.

When I click I click Cancel, I can click Install and then click Get it Free but it doesn't do anything and when I close the panel it shows the same message I get after clicking 'Reload', so I am stuck in a loop and am not sure what else to do.

My server knowledge is limited. Any help would be greatly appreciated.

Is that a hosting service? Such as godaddy?

Yeah, GoDaddy hosted VPS.

This sounds like a problem better asked of GoDaddy. They setup Plesk for your system. Service is part of what you pay for after all.

I see you got a Let's Encrypt cert with several domain names and one wildcard back in Feb. But, your domain is currently using a self-signed default Plesk cert. I have no idea why Plesk wouldn't be able to get another cert just like you did back in Feb.

image1791×810 87.9 KB

Does GoDaddy offer Let's Encrypt certs? And do they offer that kind of support for a VPS?

They got an LE cert in Feb. They only mention using Plesk. They have limited server knowledge. Either GoDaddy or a Plesk forum seems better than here.

Anyone with a better suggestion is free to make it

I am with GoDaddy customer support now to confirm if they provide support, and I have also submitted a post on the Plesk community forum. Done many searches online, feel like I have hit a wall.

I fully agree, I just want to increase my own horizon of knowledge, as I thought GoDaddy didn't support anything related to Let's Encrypt, but I'd be glad if I was wrong

From what I've heard [over the years]...
GoDaddy Shared Hosting = ZERO SUPPORT
GoDaddy VPS = hmm... not too many of those around
[likely some "default setup" and then end-user managed]

You should be able to use CertSage to acquire a Let's Encrypt cert. You'll need to use the Plesk interface to install it though.

Not sure if CertSage is the most ideal ACME client for a VPS with root access.

E.g. there's a Certbot plugin doing the dns-01 challenge and installing the cert using cPanel (GitHub - badjware/certbot-dns-cpanel: certbot plugin to allow acme dns-01 authentication of a name managed in cPanel). Which can be fully automated. Hm, not cPanel, but Plesk, nevermind about the previous part.

True. I wonder how the previous certs were acquired.

Don't we all From the looks of it, Plesk.

The original certs were acquired using Plesk, and I added a txt DNS record to verify the domain, after I deleted the certificate after it expired, I can't seem to use Plesk to install a new certificate.

Would you still suggest using CertSage to try and create and manually install a new Let's Encrypt certificate?

I'd begin at the beginning.
Do you have true root access?

Yes I believe so, I just opened the SSH Terminal extension.

I think that doesn't provide the same usefulness as a true SSH connection.
[browser based simulation]
But it is worth the try.

How tech savvy are you?

I am a web developer with some hosting/server experience, so pretty tech savvy overall.

Thank you so much for your time!

Can you locate the webserver's vhost config file?
If so, we need to see the contents of the secure vhost config file.

Personally, I'm more interested with more details (screenshots, logs et cetera) why Plesk suddenly wouldn't be able to get a certificate.

Currently, the only thing we know is that Plesk apparently only shows "Reload"/"Cancel". I'm not familiair with Plesk myself, but maybe some screenshots/errors/et cetera can shed some light on the Plesk-situation.