Renew Certificate not processing

Please fill out the fields below so we can help you better. Note: you must provide your domain name to get help. Domain names for issued certificates are all made public in Certificate Transparency logs (e.g. https://crt.sh/?q=example.com), so withholding your domain name here does not increase secrecy, but only makes it harder for us to provide help.

I keep getting an e-mail telling me that my certificate is about to expire. I have renewed the certificate several times in Plesk, each time it tells me the certificate has been renewed, each time a few days later I get a renewal reminder.

Has the certificate been renewed, or is there a glitch there somewhere?

My domain is: https://digitally-learning.ch

I ran this command: I renewed in Plesk

It produced this output: Certificate renewed

My web server is (include version):Linux GNU/Debian 8.8 (Jessie)

The operating system my web server runs on is (include version):Linux GNU/Debian 8.8 (Jessie)

My hosting provider, if applicable, is:

I can login to a root shell on my machine (yes or no, or I don’t know):Yes

I’m using a control panel to manage my site (no, or provide the name and version of the control panel):Plesk

Your site already serves the renewed certificate, which expires in February 2018. So your site is safe. No need to renew again.

What is the contents of the e-mail exactly? Is it from Let’s Encrypt? Or some service of Plesk itself? Which domains does it list?

Let’s Encrypt shouldn’t warn you after you’ve renewed. All your new certificates (three to be exact) are exactly the same as your previous certificate of 2017-09-29. That should refrain Let’s Encrypt from bothering you again after renewal. Might be a bug though.

Hello,

Your certificate (or certificates) for the names listed below will expire in
0 days (on 26 Nov 17 12:06 +0000x-apple-data-detectors://0). Please make sure to renew
your certificate before then, or visitors to your website will encounter errors.

digitally-learning.chhttp://digitally-learning.ch/

For any questions or support, please visit https://community.letsencrypt.org/.
Unfortunately, we can’t provide support by email.

For details about when we send these emails, please visit
https://letsencrypt.org/docs/expiration-emails/. In particular, note
that this reminder email is still sent if you’ve obtained a slightly
different certificate by adding or removing names. If you’ve replaced
this certificate with a newer one that covers more or fewer names than
the list above, you may be able to ignore this message.

If you want to stop receiving all email from this address, click
[redacted]
(Warning: this is a one-click action that cannot be undone)

Regards,
The Let’s Encrypt Team

Paul Raper MSc TESP/TESOL
MAS Knowledge Management and E-Learning

Ah, thát certificate.

Guess in the beginning of your certificate-carreer, you got a certificate issued for just the bare domain name, without the www and webmail subdomain.

A day later, your site got a new certificate issued which includes all three FQDNs: the bare domain, the www subdomain and the webmail subdomain.

That latter certificate with all three domains has been renewed and is in use currently.

As the “first” domain wasn’t renewed with the exact same number of domains, Let’s Encrypt sees it as “unrenewed”. But that doesn’t matter, as your current certificate is perfectly fine.

You can safely ignore the e-mail.

Perhaps a good idea is to enable some option for Plesk to renew automatically. It could be it already renewed automatically, but you manually renewed it again after Let’s Encrypts unfortunate not-so-usefull (but technically understandable) expiry warning.

Thanks for the feedback. That’s true, when the site was originally established an SSL certificate was temporarily applied for security.

Thank you for the feedback, and indeed I have configured Plesk to auto-renew.

Paul Raper MSc TESP/TESOL
MAS Knowledge Management and E-Learning

Hi @paulraper,

Please, edit your second post to remove/edit the above link, if someone on this forum click on the link, your email address will be unsubscribed from Let’s Encrypt notifications.

Or perhaps even a crawler like Google?

1 Like

I’ve edited the post to remove the unsubscribe link. But it’s been hours and someone could have clicked it already. :grimacing:

Edit:

@paulraper, if you’ve been unsubscribed, you won’t receive future renewal alert emails for this certificate or any others associated with your email address.

If you want to resubscribe, you will unfortunately have to use a different email address. If your email provider has an easy way to use multiple virtual addresses, like paulraper+123@example.com, that will work great. If they don’t… that’s more of a problem. :grimacing:

To change the email address for a Let’s Encrypt account, it needs to be done via an ACME client. I don’t know if Plesk’s client has an option for it. :grimacing:

2 Likes

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.