Let's Encrypt installation fails: Challenge marked as invalid

Follow

Comments

9 comments

  • Avatar
    Sean Owen

    Helpful

     

  • Avatar
    .

    You can also create a link from httpsdocs/.well-known to httpdocs/.well-known and keep option 'Run the website in compatibility mode for the legacy option "Separate SSL/TLS and non-SSL/TLS content"' enabled. This solved issue "The authorization token is not available at https://domain.tld/.well-known/acme-challenge/*** . To resolve the issue, make it is possible to download the token file via the above URL.".

  • Avatar
    QiQQ

    We also had a problem renewing the Let's Encrypt certificates. This was because we where having a URL rewrite rule that automatically redirected all requests from HTTP to HTTPS, As written above "Let's Encrypt creates temporary files in the depths of the domain's document root in order to create a certificate and verify that you own this domain". This temporary folder is named ".well-known". We excluded this folder from the rewrite rule, now Plesk Let's Encrypt extension is working properly. So add an exclude and it will work, you don't need to use all suggestions ass written above.

  • Avatar
    Lev Iurev

    @QiQQ correct. the same is briefly described in 6 step

  • Avatar
    Yulia Plokhotnikova

    @.

    Hello there,

    Thanks for sharing a feedback.

  • Avatar
    Moritz Kornher

    Also doesn't work if Docker Proxy rules are setup. Unfortunately this breaks the auto-renewal. Would be nice to see alternative authentication methods supported (i.e. DNS)

  • Avatar
    Ivan Postnikov

    @Moritz Kornher

    Thank you for sharing such case.

    Features regarding Let's Encrypt may be suggested here at Let's Encrypt official website.

  • Avatar
    Moritz Kornher

    Hi @Ivan
    I trust you already know that let's encrypt supports a DNS challenge and that in fact DNS-01 is the only way to validate wildcard domains.
    So just to be clear, this is a let's encrypt feature that is already available but the Plesk plugin does not support.

  • Avatar
    Ivan Postnikov

    @Moritz Kornher

    Yes, indeed, Let's Encrypt wildcard certificates are issued using DNS challenge.

    This feature will be released in future updates of Let's Encrypt extension. Plesk developers are working on update.

    All suggestions about additional required Plesk functionality may be left here.

     

Please sign in to leave a comment.

Have more questions? Submit a request