Let’s Encrypt question

Discussion in 'General' started by Hans, May 12, 2023.

  1. Hans

    Hans Moderator Moderator

    Hi,

    I am using ISPConfig 3.2.9p1 on Debian 11.
    Today the SSL certificate of the server hostname expired.
    It was not a nice experience, because the ISPConfig3 control panel was not available and clients complained about warnings in their mail clients. Server Migration Mode was not enabled and I don't use a CloudFlare proxy for the server hostname either.
    Here is the output of the log file:
    cat /var/log/ispconfig/acme.log | grep my.domain.tld
    [Fri 12 May 2023 12:50:09 AM CEST] di='/root/.acme.sh/my.domain.tld/'
    [Fri 12 May 2023 12:50:09 AM CEST] d='my.domain.tld'
    [Fri 12 May 2023 12:50:09 AM CEST] DOMAIN_PATH='/root/.acme.sh/my.domain.tld'
    [Fri 12 May 2023 12:50:09 AM CEST] Renew: 'my.domain.tld'
    [Fri 12 May 2023 12:50:09 AM CEST] Skipped my.domain.tld
    [Fri 12 May 2023 11:21:10 AM CEST] _main_domain='my.domain.tld'
    [Fri 12 May 2023 11:21:10 AM CEST] DOMAIN_PATH='/root/.acme.sh/my.domain.tld'
    [Fri 12 May 2023 11:21:10 AM CEST] _saved_domain='my.domain.tld'
    [Fri 12 May 2023 11:21:10 AM CEST] _normized_saved_domains='my.domain.tld,no,'
    [Fri 12 May 2023 11:21:10 AM CEST] _normized_domains='my.domain.tld,no,'
    [Fri 12 May 2023 11:21:11 AM CEST] DOMAIN_PATH='/root/.acme.sh/my.domain.tld'

    So I did an ispconfig_update.sh --force to get a new certificate. It worked!

    I know that ISPConfig 3.2 is able to create a valid Let's Encrypt SSL certificate for the server hostname automatically during installation, but should it also automatically renew the Let's Encrypt certificate when needed?
    If so, in my case it did not happen. If not, how can I avoid this situation on an ISPConfig 3.2 server? Did I miss something? Maybe I need a renewal script or not?
     
  2. Th0m

    Th0m ISPConfig Developer Staff Member ISPConfig Developer

    This is a bug that happens in some rare cases; the cause has been resolved, but not the result. My advice is to monitor the SSL cert validity and, if you see it is going to expire, remove all relevant config/cert files and re-issue.
     
    Hans likes this.
  3. till

    till Super Moderator Staff Member ISPConfig Developer

    It does that. The likely reason for your issue might be that you created a website for the hostname of the server, which breaks LE renewal for the ISPConfig SSL cert as acme.sh is not capable of copying a renewed SSL cert to two different directories.
     
    ahrasis and Hans like this.
  4. Hans

    Hans Moderator Moderator

    Thank you Till and Thom. What Till describes is exactly what I did. Now I know what to do!
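
Added example, not part of the thread and not ISPConfig code: one way to do the monitoring Th0m recommends is to read the expiry date from the certificate each TLS service actually serves, which also catches the case till describes, where a renewed certificate reaches only one of two directories. The port list (8080 for the panel, 465 and 993 for mail) and the 14-day threshold are assumptions; adjust them to the server.

```python
#!/usr/bin/env python3
"""Warn before the certificate served for the server hostname expires."""
import socket
import ssl
import sys
from datetime import datetime, timezone

WARN_DAYS = 14            # assumed threshold: leave time to re-issue by hand
PORTS = (8080, 465, 993)  # assumed implicit-TLS ports: panel, SMTPS, IMAPS

def days_left(not_after, now=None):
    """Whole days until a notAfter string in getpeercert() format,
    e.g. 'May 12 10:00:00 2023 GMT'. Negative once the cert has expired."""
    now = now or datetime.now(timezone.utc)
    expires = datetime.fromtimestamp(ssl.cert_time_to_seconds(not_after), timezone.utc)
    return (expires - now).days

def status(not_after, now=None, warn_days=WARN_DAYS):
    left = days_left(not_after, now)
    if left < 0:
        return "EXPIRED"
    return "WARN" if left < warn_days else "OK"

def fetch_not_after(host, port, timeout=10):
    """notAfter of the certificate served on host:port. Verification stays
    on, so an expired or mismatched certificate raises instead of returning."""
    ctx = ssl.create_default_context()
    with socket.create_connection((host, port), timeout=timeout) as sock:
        with ctx.wrap_socket(sock, server_hostname=host) as tls:
            return tls.getpeercert()["notAfter"]

def check(host, ports=PORTS):
    """Map each port to OK / WARN / EXPIRED / INVALID / UNREACHABLE."""
    results = {}
    for port in ports:
        try:
            results[port] = status(fetch_not_after(host, port))
        except ssl.SSLCertVerificationError as exc:
            results[port] = f"INVALID ({exc.verify_message})"
        except OSError as exc:
            results[port] = f"UNREACHABLE ({exc})"
    return results

if __name__ == "__main__":
    host = sys.argv[1] if len(sys.argv) > 1 else "my.domain.tld"
    results = check(host)
    for port, state in results.items():
        print(f"{host}:{port} {state}")
    # Non-zero exit lets cron or a monitoring agent raise the alert.
    sys.exit(0 if all(s == "OK" for s in results.values()) else 1)
```

Run it daily from cron with the server hostname as the argument; any port that does not report OK is the cue to re-issue before clients see warnings.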
     
