Plesk – the control panel for your hosting services with Conetix – is configured to notify you if your website’s Let’s Encrypt SSL Certificate fails to automatically renew itself.

Such emails may appear similar to the below;

let's encrypt ssl renewal failure emails

This article covers some of the reasons why this might happen, and some resolutions to common problems.

Checking For False-Positives

While the systems in place are designed to let you know if your certificate fails to automatically renew itself, this can also sometimes cause the system to successfully renew the certificate, but still report an issue (likely either due to the check being performed too early, or it not seeing the new certificate in place yet).

In this case, you can simply discard the notification email since no action is needed on your part in such a case.

To check whether your certificate was actually renewed or not;

  1. Visit the website listed in the notification email.
  2. In the URL bar, click on the Padlock icon next to the domain name, then choose “Connection is secure”.
    let's encrypt ssl renewal failure emails
  3. Click on the “Certificate is valid” option.
    let's encrypt ssl renewal failure emails
    • For Firefox, choose “More Information”, then “View Certificate”.
  4. Check the “Issued On” date of the certificate.
    let's encrypt ssl renewal failure emails
  5. If the “Issued On” date listed is recent (usually within the last few days), this indicates that the certificate was successfully renewed. No further action is required.
  6. Otherwise if the “Issued On” date is older than ~30 days or more, this indicates that the certificate has indeed encountered issues when trying to renew itself.
    • In such a case, please feel free to forward the renewal notification email on to the Support team for further diagnosis.

Emails From Let’s Encrypt Directly

Occasionally, Let’s Encrypt themselves will send an email to yourself regarding your SSL Certificate.
This email does not originate from our servers, and in most instances seems to reflect incorrect/outdated information.

Emails from Let’s Encrypt directly will use the email subject line of “Let’s Encrypt certificate expiration notice for domain [your domain name]“, and may look similar to the below example;

let's encrypt ssl renewal failure emails

As these emails do not always reflect the details of your current SSL Certificate (usually seem to be for the original SSL that was issued, and doesn’t keep up to date with certificates that have since been renewed), you can choose to click the Unsubscribe link at the bottom of their email to prevent them from sending further notices.

Emails with up-to-date information will still be sent out from our servers.

Was this article helpful?

Related Articles