Renewal of Let's Encrypt Certificates Using Plesk

Posted on Tue 14 June 2016 in Sysadmin

Note to self: If the Let's Encrypt extension for Plesk fails to renew a certificate (when triggered manually), disable the automatic forwarding to an SSL connection in the Apache settings. This forced secure connection seems to disturb the renewal script.

The error I got was something like this:

Let's Encrypt SSL certificate installation failed: Failed letsencrypt execution:
2016-01-19 13:56:07,885:WARNING:letsencrypt.cli:Root (sudo) is required to run most of letsencrypt functionality.
Failed authorization procedure. (http-01): urn:acme:error:unauthorized :: The client lacks sufficient authorization ::
Invalid response from
IMPORTANT NOTES: - The following errors were reported by the server:
Domain: Type: urn:acme:error:unauthorized
Detail: Invalid response from /.well-known/acme-challenge/

See also this bug report on Github.

Let's hope the extension is going to renew all certificates automatically every month from now on, as it should.