Applicable to:
- Plesk Onyx for Linux
- Plesk Onyx for Windows
Symptoms
-
Let's Encrypt certificates fails to be issues or auto-renewed with the following error in Plesk UI
PLESK_ERROR: Status: 403
Detail:
<head><title>403 Forbidden</title></head>
<body bgcolor="white">
<center><h1>403 Forbidden</h1></center>
<hr><center>"
PLESK_ERROR: Details:
Type: urn:acme:error:unauthorized
Status: 403
Detail: Invalid response from http://example.com/.well-known/acme-challenge/WTAKI-FRel8tZZKYyhM2UfzvM9TWk02r4fZ__cjuCkU: -
Website shows "403 Forbidden" error.
-
The following entries appear in
/var/www/vhosts/system/example.com/logs/proxy_error_log
:CONFIG_TEXT: [error] 11940#0: *46281 access forbidden by rule, client: 203.0.113.2, server: example.com, request: "GET /.well-known/assetlinks.json HTTP/1.1", host: "example.com"
Cause
Communication between website and Let's Encrypt servers is prevented by restrictive web server settings.
Resolution
-
Open Domains > example.com > Apache & nginx Settings:
-
Temporary remove
deny
directives, for example, as below from Additional Apache directives and Additional Nginx directives.CONFIG_TEXT: location ~ /\. { deny all; }
-
Set Deny access to the site to Default under Common Apache settings:
-
-
Open Domains > example.com > IIS Settings;
-
Set Deny access to the site to Default under Common settings:
Comments
2 comments
I have that same issue but this solution was not helpful:
proxy error.log shows
2020-04-08 17:11:39 Error 192.88.134.12 1742#0: *1481446 access forbidden by rule
But: Common Apache settings show:
- no Deny rules
- Deny Access to the site is already = Default
I also tried
disabling Proxy mode for the domain and adding this
location ^~ /.well-known/ {}
to the domain's Additional Nginx directives, but that did not help either
I am still seeing the same error.
FYI:
Version 17.8.11 Update #88, last updated on June 30, 2020
LetsEncrypt Version: 2.10.2-633
Hello Fran Le Bouleix there is likely some other root cause. Please create a ticket to check the issue.
Please sign in to leave a comment.