When trying to secure Plesk with Let's Encrypt certificate in Tools & Settings > SSL/TLS Certificates > Let's Encrypt, the following error is shown:
PLESK_ERROR: Error: Could not issue a Let's Encrypt SSL/TLS certificate for example.com. Authorization for the domain failed.
Invalid response from https://acme-v01.api.letsencrypt.org/acme/authz/CCN29pWZlmRucpWi02wuAVG2-YlrrIpF1xfN2laXB9w.
Detail: Fetching http://example.com/.well-known/acme-challenge/z6KIjWGR4V8yKVWMIDLAmuBxKHgzViQYpFCs_JVTqVw: Timeout
The domain example.com is hosted on the same Plesk server, and only IPv4 address is assigned to it.
It is impossible to connect to the Plesk server from the external networks on port 80:
# nmap -p 80 example.com
PORT STATE SERVICE
80/tcp filtered http
Port 80 is filtered on a firewall.
If the firewall is configured on the Plesk server, open the port 80 for incoming connections as described in the article Which Ports Need To Be Opened for all Plesk Services to Work with a Firewall?
If some intermediate firewall/router is configured between the Plesk server and an external network, port 80 should be opened on it as well.