Unable to install Let's Encrypt SSL: Invalid response from example.com: 404 Not Found

Created:

2017-06-01 21:32:52 UTC

Modified:

2017-08-17 11:35:11 UTC

7

Was this article helpful?


Have more questions?

Submit a request

Unable to install Let's Encrypt SSL: Invalid response from example.com: 404 Not Found

Applicable to:

  • Plesk for Linux

Symptoms

  1. Unable to install Let's Encrypt SSL with "404 not found", "Timeout" or "Could not connect" errors:
    "type": "http-01",
          "status": "invalid",
          "error": {
            "type": "urn:acme:error:unauthorized",
            "detail": "Invalid response from http://example.com/.well-known/acme-challenge/QweqSPyw7o0M1XpHhhDM3RSJyLLi7X6fge-VwMIYux8: \"\u003c!DOCTYPE HTML PUBLIC \"-//IETF//DTD HTML 2.0//EN\"\u003e\n\u003chtml\u003e\u003chead\u003e\n\u003ctitle\u003e404 Not Found\u003c/title\u003e\n\u003c/head\u003e\u003cbody\u003e\n\u003ch1\u003eNot Found\u003c/h1\u003e\n\u003cp\"",
            "status": 403
    
    ERR [panel] Error: Let's Encrypt SSL certificate installation failed: Challenge marked as invalid. Details: Invalid response from http://example.com/.well-known/acme-challenge/QweqSPyw7o0M1XpHhhDM3RSJyLLi7X6fge-VwMIYux8: "<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
    <html><head>
    <title>404 Not Found</title>
    </head><body>
    <h1>Not Found</h1>
    <p"
    Error: Let's Encrypt SSL certificate installation failed: Challenge marked as invalid. Details: Fetching http://example.com/.well-known/acme-challenge/IvIvh2SslhaJRq_pHcxngfqUb7VF9zFW-BSEiJ5QVNY: Timeout
    Error: Let's Encrypt SSL certificate installation failed: Challenge marked as invalid. Details: Could not connect to example.com
  2. Global DNS contains AAAA record for IPv6, but in Plesk domain is assigned to ipv4 only in Domains > example.com > Web Hosting Access:
    # dig @example example.tld AAAA
    example.com 86400  IN      AAAA 2001:db8:f61:a1ff:0:0:0:80
  3. Domain resolves to a non-Plesk IP globally or it does not list A record from name server globally:
    # dig @example example.tld
    ; <<>> DiG 9.8.2rc1-RedHat-9.8.2-0.47.rc1.el6 <<>> @example -t any example.tld
    ; (2 servers found)
    ;; global options: +cmd
    ;; Got answer:
    ;; ->>HEADER<<- opcode: QUERY, status: REFUSED, id: 8586
    ;; flags: qr rd; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 0
    ;; WARNING: recursion requested but not available
    ;; QUESTION SECTION:
    ;example.com.            IN      ANY
    ;; Query time: 97 msec
    ;; SERVER: 200.212.001.001#53(200.212.001.01)
    ;; WHEN: Fri Jun  2 02:56:09 2017
    ;; MSG SIZE  rcvd: 36

Cause

Incorrect DNS configuration for a domain.

Resolution

  1. Modify domain's DNS on a registrar side so that domain resolves to Plesk IP globally
  2. If A record is not returned by one of the name servers, change DNS so that both name servers return A record globally
  3. If global DNS contain AAAA record, add IPv6 address in Home > Domains > example.tld > Web Hosting Access > IPv6 Address or remove AAAA record from a global DNS for a domain
Have more questions? Submit a request

2 Comments

  • 0
    Avatar
    Robert Ivanov

    Thanks, but none of those fixes my issue. I have also checked that the .well-known folder can be created and permissions should be OK. I still get Not found error.

  • 0
    Avatar
    Bulat Tsydenov

    @Robert, In this case, I would recommend you contacting support.

Please sign in to leave a comment.