Symptoms
- A domain secured with Let's Encrypt was removed from the server.
- Let's Encrypt notifications about the domain are still sent to the customer's email that was used to issue the certificate.
Cause
The server has certificate leftovers. This is caused by the bug EXTLETSENC-643, which is planned to be fixed in future updates.
-
The directory
/usr/local/psa/var/modules/sslit/etc/live/example.com/
exists on the server, and/or -
The certificate has entries present in the database:
# plesk db "SELECT * FROM certificates WHERE name LIKE '%example.com%'"
Resolution
Remove the certificate leftovers from the server:
Note: Notifications are sent with a one-day delay, so a notification may still be sent after applying the solution.
-
Log in to the server via SSH
-
Move or delete the
/usr/local/psa/var/modules/sslit/etc/live/example.com/
directory:# mv /usr/local/psa/var/modules/sslit/etc/live/example.com/ ~/
-
Move or delete any files that mention the domain in the
./orders
folder# for i in $(grep -irl "example.com" /usr/local/psa/var/modules/letsencrypt/orders/); do mv $i ~/; done
-
If any records exist in the database, remove them as well:
# plesk db "DELETE FROM certificates WHERE name='Let's Encrypt example.com'"