Applicable to:
- Plesk for Linux
- Plesk for Windows
Symptoms
-
Installation of a Let's Encrypt certificate fails with one of the following error message in Plesk UI:
PLESK_ERROR: The authorization token is not available at http://example.com/.well-known/acme-challenge/Ab87T7gZtQeJBq0C2I44O9egoe-WXTTlE-hBmdvDCHM.
The token file 'С:\Inetpub\vhosts\example.com\.well-known\acme-challenge\Ab87T7gZtQeJBq0C2I44O9egoe-WXTTlE-hBmdvDCHM' is either unreadable or does not have the read permission.PLESK_ERROR: Detail: Fetching https:/example.com/.well-known/acme-challenge/zQgf775Mm4z72VrrSybdlS725tk1IuSTrrwBaEoqzOg: **Error getting validation data
PLESK_ERROR: Could not issue an SSL/TLS certificate for example.com
Details
Could not issue a Let's Encrypt SSL/TLS certificate for example.com. Authorization for the domain failed.
Details
Invalid response from https://acme-v02.api.letsencrypt.org/acme/authz-v3/1708718328.
Details:
Type: urn:ietf:params:acme:error:connection
Status: 400
Detail: Fetching https://www.example.com/.well-known/acme-challenge/8DdIKX257k6Dih5s_saeVMpTnjPJdKO5Ase0OCiJrIw: Timeout during connect (likely firewall problem) -
Domains > example.com > Hosting Settings > Permanent SEO-safe 301 redirect from HTTP to HTTPS is enabled.
Cause
Rewrite rules to HTTPS prevent the issuing of a Let's Encrypt certificate.
Resolution
-
Go to Domains > example.com > File Manager and remove
.well-knowndirectory. -
Temporary disable the option Permanent SEO-safe 301 redirect from HTTP to HTTPS at Domains > example.com > Hosting Settings:
-
Disable custom redirect rules:
for Linux:- Rename
.htaccessfile into.htaccess.orig: Open Domains > example.com > File Manager > Click
next to the .htaccessfile > click Rename.
for Windows:-
Temporary disable the option Require SSL/TLS at Domains > example.com > IIS Settings:
-
Rename
web.configfile intoweb.config.orig: Open Domains > example.com > File Manager > Click next to the web.configfile > click Rename. -
Connect to the server via RDP and disable all HTTP<->HTTPS rules in IIS Manager at Server > Sites > example.com > URL Rewrite:
- Rename
-
Install a Let's Encrypt certificate at Domains > example.com > Let's Encrypt.
Comments
5 comments
Does anyone actually monitor these pages anymore?
Hi Glenn, as I can see the issue was addressed in the ticket.
We updating the articles on the regular basis, for the issue investigation it is better to create a ticket to our support department
This is not a resolution or a fix - this is an emergency workaround. When will this be fixed again? This problem seems to have come up with version 18.0.27 or some version of the Lets Encrypt extension. I can't do this for 200+ Domains. What is the status of EXTLETSENC-769?
Hello peterbo
See, the comment in https://support.plesk.com/hc/en-us/articles/115003199234
hello i have also this issue when i install certificate
One of the Let's Encrypt rate limits has been exceeded for newchoice.ga.
See the related Knowledge Base article for details.
Details
Details:
Type: urn:ietf:params:acme:error:rateLimited
Status: 429
Detail: Error creating new order :: too many failed authorizations recently: see https://letsencrypt.org/docs/rate-limits/
Please sign in to leave a comment.