Unable to install a Let's Encrypt certificate for a domain in Plesk for Windows: 404 Not Found




  • Avatar
    keith elman

    I got as far as step #4 and could not create a Let's Encrypt certificate - only the following error:

    Error: Could not issue a Let's Encrypt SSL/TLS certificate for mydomain.com. Authorization for the domain failed.

    Invalid response from https://acme-v01.api.letsencrypt.org/acme/authz/X2cfjDA4SYwrReayLghRZR21jqN6Cs6dFb0zC6sHNWQ.
    Type: urn:acme:error:tls
    Status: 400
    Detail: Fetching https://mydomain.com/.well-known/acme-challenge/9ll2APvcmH1uhKztKnZOx8RguxItvm7xy5ZvGgr48ME: local error: tls: no renegotiation
    The challenge above is present in the httpdocs\.well-known\acme-challenge (along with all the others) and is accessible from internet. 
    I've been working on this for the past 2 weeks but cannot resolve it.  It started out as a non-renewal of the cert but even after deleting it, all attempts at creating a new one have failed so any help is greatly appreciated.
  • Avatar
    Ivan Postnikov

    Hello @keith,

    Please, make sure that web access to domain folder httpdocs\.well-known\acme-challenge is not being blocked by domain configuration.

    For Windows server web.config configuration may be the cause, for Linux check additional directives and .htaccess files.


    Also, please, try this:

    If 301 redirect is enabled:

    Go to Domains > example.com > Hosting Settings and perform the following steps:

    • Set Preferred domain to none.

    • Uncheck the option Permanent SEO-safe 301 redirect from HTTP to HTTPS.

    • Issue a Let's Encrypt certificate in Domains > example.com > Let's Encrypt.

    If 302 redirect is enabled:

    Go to Domains > example.com > Hosting Settings and perform the following steps:

    •  Turn off domain forwarding by changing Hosting type to Hosting.

    • Issue a Let's Encrypt certificate in Domains > example.com > Let's Encrypt.
  • Avatar
    keith elman

    Changes to the 301 redirect option worked initially but when it came time to renew the cert again, Let's Encrypt would not renew so I tried these steps again but this time they didn't work!  There is no 302 redirect for this domain.  Plesk won't allow me to delete the cert (see error below).  I even tried deleting it in IIS 8 but on refreshing, it returned. Of course I disabled SSL on the domain before attempting to delete. Fresh out of ideas other than the drastic step of cloning the site to another webspace and starting all over.

    Unable to remove SSL/TLS certificates. One or more certificates are used by websites.

Please sign in to leave a comment.

Have more questions? Submit a request