Unable to issue Let's Encrypt SSL certificate for Webmail: Invalid response 403

Follow

Comments

7 comments

  • Avatar
    Alain CORDIER

    Hello, I have the same error on Plesk Onyx (17.8.11), but unfortunately no custom webmail settings, so /usr/local/psa/admin/conf/templates/custom/webmail/webmail.php does not exist. Any idea on how to solve the problem ?

    Thanks

  • Avatar
    Alexandr Redikultsev

    Hi @Alain CORDIER!

    In case there are no custom templates, all required directives should be already in place.

    I suggest checking whether or nor webmail.example.com resolves to the same IP as example.com.

    Also, it worth trying with different webmail types, try switching it to horde/roundcube and check whether or not it will help.

  • Avatar
    Alain CORDIER

    Hi Alexandr

    Thank you for your answer.

    I checkd IP addresses : www.domain.tld, domain.tld and webmail.domain.tld share the same ip (v4) address.

    I also tried to switch the webmail from roundcube to horde, the error is occurring :

    Invalid response from https://acme-v01.api.letsencrypt.org/acme/authz/8JqZtq8mMJCg4e38GNR0S975FSDzzDPX58p-5eWyzu8.
    Details:
    Type: urn:acme:error:unauthorized
    Status: 403
    Detail: Invalid response from http://webmail.domain.tld/.well-known/acme-challenge/NH59K41T1zgTDN3v2zIHB86gxFJ24PIiOB5f7RNxgSg: q%!(EXTRA string=<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
    <html><head>
    <title>404 Not Found</title>
    </head><body>
    <h1>Not Found</h1>
    <p)

     

  • Avatar
    Alexandr Redikultsev

    Hi @Alain.

    In case the IP address is the same in Plesk and on the DNS side, I suggest re-creating the site configuration files for the site with the following command executed via the command line:

    # plesk repair web example.com

    Also, in case there are some additional Apache or nginx directives added in Domains > example.com > Additional Apache & nginx settings, remove them for testing purposes and try again.

  • Avatar
    Alain CORDIER

    I launched the plesk command. Apparently it has nothing to repair for my domain :

    Repairing web server configuration

      Repair web server configuration for domains example.com? [Y/n]
        Repairing web server configuration for the domain example.com .... [OK]

    Error messages: 0; Warnings: 0; Errors resolved: 0

    Unfortunately, I reached the number of certificate regeneration limit, I have to wait for a week before re-submitting.
    I will let you know if it solves the problem later.

    Regarding removal of Apache and NGinx settings, I already tried that before sending my first post...

     

  • Avatar
    Alexandr Redikultsev

    Hi again, @Alain!

    Even though repair web did not show any errors, it is still re-creating the configs, so it might help.

    In case the issue will be the same, I really suggest to get in contact with us so we can troubleshoot the issue directly: https://support.plesk.com/hc/en-us 

    Or get in contact with our partner in case you have the license from them: https://support.plesk.com/hc/en-us/articles/213409109-How-to-get-technical-support-for-Plesk- 

  • Avatar
    Alain CORDIER

    I was able to regenerate succesfully the certiifcate including webmail this week. We can conclude the "repair" worked.

Please sign in to leave a comment.

Have more questions? Submit a request