- Plesk for Linux
- Attempt to renew a Let's Encrypt certificate for example.com fails with the following error:
PLESK_ERROR: Error: Could not issue a Let's Encrypt SSL/TLS certificate for example.com.
The authorization token is not available at https://example.com/.well-known/acme-challenge/_PyrEDyxR19o6h7cIE_n7p_QCmRzCQ7KGzKeQg0nMXI.
The token file 'C:\Inetpub\vhosts\example.com\httpdocs\exp\.well-known\acme-challenge_PyrEDyxR19o6h7cIE_n7p_QCmRzCQ7KGzKeQg0nMXI' is either unreadable or does not have the read permission.
To resolve the issue, correct the permissions on the token file to make it is possible to download it via the above URL.
See the related Knowledge Base article for details.
- The option Permanent SEO-safe 301 redirect from HTTP to HTTPS is enabled in Domains > example.com > Hosting Settings
Custom Redirect is configured.
Issuing certificate is possible only after passing the challenge.
Challenge works only via HTTP. By default, the directory folder used for challenge is not included in redirect rules.
Disable custom redirect for folders:
Or use these steps to renew the certificate manually:
Disable option Permanent SEO-safe 301 redirect from HTTP to HTTPS in Plesk > Domains > example.com > Hosting Settings.
Renew the certificate: Domains > example.com > Let's Encrypt > Renew.
Enable Permanent SEO-safe 301 redirect from HTTP to HTTPS.