Applicable to:
- Plesk Onyx for Linux
- Plesk Onyx for Windows
Symptoms
-
Let's Encrypt certificates fails to be issues or auto-renewed with the following error in Plesk UI on a Linux server:
PLESK_ERROR: Status: 403
Detail:
<head><title>403 Forbidden</title></head>
<body bgcolor="white">
<center><h1>403 Forbidden</h1></center>
<hr><center>"Or in Plesk on Windows server:
PLESK_ERROR: Details:
Type: urn:acme:error:unauthorized
Status: 403
Detail: Invalid response from http://example.com/.well-known/acme-challenge/WTAKI-FRel8tZZKYyhM2UfzvM9TWk02r4fZ__cjuCkU: -
Website shows "403 Forbidden" error.
-
Denydirective is set in additional nginx or Apache directives in Domains > example.com > Apache & nginx Settings, e.g:CONFIG_TEXT: location ~ /\. {
deny all;
} -
The following entries appear in
/var/www/vhosts/system/example.com/logs/proxy_error_log:CONFIG_TEXT: [error] 11940#0: *46281 access forbidden by rule, client: 203.0.113.2, server: example.com, request: "GET /.well-known/assetlinks.json HTTP/1.1", host: "example.com"
Cause
Communication between website and Let's Encrypt servers is prevented by restrictive web server settings.
Resolution
-
Open Domains > example.com > Apache & nginx Settings:
-
Temporary remove
denydirectives from Additional Apache directives and Additional Nginx directives. -
Set Deny access to the site to Default under Common Apache settings:
-
-
Open Domains > example.com > IIS Settings;
-
Set Deny access to the site to Default under Common settings:
Comments
0 comments
Please sign in to leave a comment.