Why is SiteGround having such issues with automatically renewing Let's Encrypt! SSL tickets?


#1

SiteGround is having issues with renewing tickets, and don’t seem to know what’s wrong. It would be great if someone could get this fixed with them, as it’s a major pain and waste of time to have to manually renew 150+ tickets.

Any help or suggestions would be appreciated, and please let me know if more information is needed.

Thanks!


#2

What do you mean by ssl tickets?

Do you mean TLS Session Resumption Session Tickets ? If so, they are handled by you server, and are independent of your certificate (so, not linked to let’s encrypt)

Or do you mean ssl CERTIFICATES?

I’ll assume you meant the latter. Can you provide more information about how you generate/renew them ? Are they wildcard certificates (containing a domain starting by * , such as “*.example.com”?

According to the SiteGround documentation https://www.siteground.com/tutorials/cpanel/lets-encrypt/#How_to_renew_a_Lets_Encrypt_certificate :

Let’s Encrypt certificates issued by SiteGround are automatically renewed by us until they are canceled. You don’t need to do anything manually.


#3

…and if that isn’t happening, it would seem that SiteGround support would be the more appropriate point of contact than here.


#4

I did mean certs, and we’re not using wildcard. They’re suppose to renew automatically, but it hasn’t been working. I’ve contacted them a few times about this and they’ve kinda just shrugged their shoulders about the issue. Thank you for your time though, I just wanted to see if anyone else has had this sort of problem with SiteGround as well on here.


#5

Hello,

I’m having the same problem, except, they keep telling me it’s not the server, that it’s the Let’s Encrypt itself. Now since 2 of our sites on that server failed to install Let’s Encrypt, I went to another SiteGround account that I own. I successfully installed a Let’s Encrypt SSL on a site. Below is the same thing they’ve been telling me for 2 weeks now. My question is: If I can install Let’s Encrypt on my other SG server, wouldn’t it make sense that all servers are making the call to Let’s Encrypt in the cloud or wherever. So logically, since it is a call with the keys being passed to the Let’s Encrypt processor, wouldn’t that be a server problem, not a Let’s Encrypt problem?

"_emphasized text_The issue with thesecondomain.com is the same as the first one. Please note that this is not related to the server but the actual Let’s Encrypt tool. Unfortunately, there is not much we can do at this point. As already advised, our Developers are working on a permanent fix as we speak. I am afraid, though, that we cannot provide you with an ETA as to when this will be resolved.


#6

Ah! That verbiage answers an important question:

This indicates that it’s an issue with whatever client they happen to be using, presumably one they developed themselves given the statement that their developers are working on it. Sounds like something broke in their client.


#7

This is what they get when they call the program – then the challenges to the domain name begin failing one after another untilt it fails. Below is the error.

Why then can I get one to install on another SG account with no problem. So is this a server problem?? I would think so.

/usr/local/letsencrypt/venv/lib/python3.6/site-packages/josepy/jwa.py:107: CryptographyDeprecationWarning: signer and verifier have been deprecated. Please use sign and verify instead


#8

Could someone please get a SiteGround representative to participate in the forum to help debug? Lots of people from Let’s Encrypt and the community will be happy to resolve this but it would be better if it didn’t have to go back and forth through individual SiteGround customers. :slight_smile:


#9

I copied your answer and put in in the open ticket at siteground. No response yets.


#10

Hey everyone!

I will check in with the SiteGround team as well. We have been working closely with their team to resolve any Let’s Encrypt related issues and if they have not yet already been addressed and fixed, should be shortly.

Specifically for renewals, I know you can message their support team and they can do a manual renewal on your domain while any underlying issues for autorenewal are ironed out!

Thanks again for using Let’s Encrypt!

Best,
JP


Issue installing LetsEncrypt certificate on Siteground
#11

Hi Jenessa,

Thanks for that info. We had to buy an SSL from them to get the goods4goodonline.com up as secure.

John