If you’ve used Plesk or similar to install an SSL certificate for your website via Let’s Encrypt, you may receive notifications about certificate expiry notices directly from Let’s Encrypt. These notices should be considered to be a notice only and may nor may not indicate there’s an issue.

Generally, you will receive the notification if one of the following occurs:

  1. The certificate is no longer in use. If you have added or removed a domain from the list when securing your site, Let’s Encrypt will generate a new certificate as previous one can’t be modified. The notice you’re receiving may relate to the old certificate, which is no longer required and won’t affect your site.
  2. One or more domains can’t be verified.  This is most likely caused by a domain which has either moved away from Conetix or has expired. This will cause the entire certificate to fail to renew. To correct, ensure that only the domains you manage and are still active are selected when renewing or creating the Let’s Encrypt certificate.
  3. External configuration or restrictions are blocking the verification. This could be a 301 redirect, .htaccess files or NGINX rules are blocking the verification from occurring.  This, like above will stop the certificate from safely renewing. To correct, ensure you don’t have any rules in place blocking the verification.

Note: You can verify the validity of the SSL certificate by using this online tool: https://www.sslshopper.com/ssl-checker.html

If you have not made any changes to your certificate, or are not sure what these emails mean it is best to contact Conetix for confirmation before ignoring.

After you’ve confirmed the certificate is no longer required, you can can click on the link provided in the email to stop receiving the notifications.

Was this article helpful?

Related Articles