- Plesk Onyx for Linux
Unable to install Let's Encrypt certificate either for a domain example.com in Domains > example.com > Let's Encrypt or for securing Plesk in Tools & Settings > SSL/TLS Certificates > Let's Encrypt:
PLESK_ERROR: Detail: Fetching http://example.com/.well-known/acme-challenge/do75fK79n_uF9JimlezVpQQQfmvHaOVd7T8cjZKVvWk: Timeout during connect (likely firewall problem)
PLESK_ERROR: Error: Could not issue a Let's Encrypt SSL/TLS certificate for example.com. Authorization for the domain failed.
Invalid response from https://acme-v01.api.letsencrypt.org/acme/authz/dlJ9iUsYRM51xlzLkS8KpRJYccRh1yKRUJEPgLMoRFc.
Details: Fetching https://example.com:8443/.well-known/acme-challenge/44DVtYx2WBKaujKCYO7tOxZ4nS2-m_-Ci5dLoQw0X34 Error getting validation data
Port 80 is shown as
filtered(the below command should be executed on an external PC or server, not on the Plesk server):
# nmap -p 80 example.com
PORT STATE SERVICE
80/tcp filtered http
example.comresolves to the IP address of the Plesk server:
# dig +short example.com
The domain example.com is hosted on the same Plesk server, and only IPv4 address is assigned to it.
While accessing http://example.com in the browser, the following error is shown:
CONFIG_TEXT: This site can’t be reached
Port 80 is filtered by a firewall.
- If the firewall is configured on the Plesk server, open the port 80 for incoming connections as described in the article Which Ports Need To Be Opened for all Plesk Services to Work with a Firewall?
- If Plesk is installed on a public cloud service, follow the instructions to open port 80: for Amazon EC2, for Amazon Lightsail, for Google Cloud, for Microsoft Azure, for Alibaba Cloud.
- If some intermediate firewall/router is configured between the Plesk server and an external network, port 80 should be opened on it as well.