Applicable to:
- Plesk for Linux
- Plesk for Windows
Symptoms
-
Installation of a Let's Encrypt certificate fails with one of the following error message in Plesk UI:
PLESK_ERROR: The authorization token is not available at http://example.com/.well-known/acme-challenge/Ab87T7gZtQeJBq0C2I44O9egoe-WXTTlE-hBmdvDCHM.
The token file 'С:\Inetpub\vhosts\example.com\.well-known\acme-challenge\Ab87T7gZtQeJBq0C2I44O9egoe-WXTTlE-hBmdvDCHM' is either unreadable or does not have the read permission.PLESK_ERROR: Detail: Fetching https:/example.com/.well-known/acme-challenge/zQgf775Mm4z72VrrSybdlS725tk1IuSTrrwBaEoqzOg: Error getting validation data
-
Optional symptoms:
-
A test
.html
file located in the directory mentioned in the error, e.gС:\Inetpub\vhosts\example.com\.well-known\acme-challenge
, is not accessible from the Internet with the following error message in a browser:PLESK_INFO: HTTP Error 403.14 - Forbidden
The page you are trying to access is secured with Secure Sockets Layer (SSL). -
The following warning can be found at Plesk > Domains > example.com > Logs:
PLESK_INFO: WARN [extension/letsencrypt] Cannot check the token file is readable by others
-
Cause
Rewrite rules to HTTPS that are enabled in domain settings prevent the challenge from happening. Issuance of a Let's Encrypt certificate works only via HTTP.
Resolution
-
Go to Domains > example.com > File Manager and remove
.well-known
directory. -
Temporary disable the option Permanent SEO-safe 301 redirect from HTTP to HTTPS at Domains > example.com > Hosting Settings:
-
Disable custom redirect rules:
for Linux:
- Rename
.htaccess
file into.htaccess.orig
: Open Domains > example.com > File Manager > Clicknext to the
.htaccess
file > click Rename.
for Windows:
-
Temporary disable the option Require SSL/TLS at Domains > example.com > IIS Settings:
-
Rename
web.config
file intoweb.config.orig
: Open Domains > example.com > File Manager > Clicknext to the
web.config
file > click Rename. -
Connect to the server via RDP and disable all HTTP<->HTTPS rules in IIS Manager at Server > Sites > example.com > URL Rewrite:
- Rename
-
Install a Let's Encrypt certificate at Domains > example.com > Let's Encrypt.
Comments
0 comments
Please sign in to leave a comment.