I am using LE on Plesk and it worked like a charm until yesterday. Somehow the certs are not recognized on IOS devices anymore and there seems to be no way to trust it? I did a check on https://crt.sh/?q=heymans.name and I think the cert is OK… not sure.
What can I do to get the certs running on ios again? Sites and webmail run fine btw.
Thanks!
My domain is: heymans.name
I ran this command:
It produced this output:
My web server is (include version): nginx - latest
The operating system my web server runs on is (include version): CentOS Linux 7.6.1810 (Core)
My hosting provider, if applicable, is:
I can login to a root shell on my machine (yes or no, or I don’t know): Yes
I’m using a control panel to manage my site (no, or provide the name and version of the control panel): Plesk Onyx 17.8.11 #49
The version of my client is (e.g. output of certbot --version or certbot-auto --version if you’re using Certbot): not using
The mailaccounts that cause errors are all POP3 accounts, on IOS. I added a new email address on the server and used the IMAP protocol and got the same warning about an expired/untrusted cert but I did het the option to trust it. Something I cannot do with the ‘old’ POP3 accounts.
If you let me know what you’d like to see I’ll make a screenshot of it.
I have LE set up just like the help center explains, and is has been working fine for a few months, on all domains on the server. The default setting for plesk mail is to use no subdomains for either pop/imap/smtp.
The problem is pop3 for sure now, everything else works. I have to dig in deeper it seems.
I started to work again after I received this automated email:
The following domains of Reseller (login XXX) have been secured with Let's Encrypt certificates: <none>
The following Let's Encrypt certificates for XXX (login XXX) have been renewed:
The is really there. not sure why there's no info there.
The domains being updated are the main domains for the server. Could it be that the main server cert needs to be renewed before any secondary domain is renewed? After receiving this, the ios devices started to work again (pop3).