Question
How does Let’s Encrypt extension renew certificates?
Answer
Let’s Encrypt SSL certificates have a validity of 90 days.
Let’s Encrypt and SSL It! extensions have a scheduled task named keep-secured.php visible in Tools & Settings > Scheduled Tasks.
These tasks run hourly and renew certificates which are soon to be expired (< 30 days).
Note: Those tasks are also responsible to issue a certificate automatically if Keep websites secured with free SSL/TLS certificates option is selected in Service Plans > plan_name > Additional Services or in Domains > example.com > SSL it!.
In case both Let’s Encrypt and SSL It! extensions are installed:
- The task
/opt/psa/admin/plib/modules/sslit/scripts/keep-secured.phpis responsible for the renewal of domains’certificates. - The task
/opt/psa/admin/plib/modules/letsencrypt/scripts/keep-secured.phpis responsible for the renewal of Plesk panel certificate (managed in Tools & Settings > SSL/TLS Certificates).
These tasks can be disabled following the article Is it possible to disable Let`s Encrypt certificate renewal?
with