- Plesk for Windows
- Plesk for Windows
Installation of a Let's Encrypt certificate fails with the following error message in Plesk:
PLESK_ERROR: Error: Could not issue a Let's Encrypt SSL/TLS certificate for example.com.
The authorization token is not available at http://example.com/.well-known/acme-challenge/Ab87T7gZtQeJBq0C2I44O9egoe-WXTTlE-hBmdvDCHM.
The token file 'С:\Inetpub\vhosts\example.com\.well-known\acme-challenge\Ab87T7gZtQeJBq0C2I44O9egoe-WXTTlE-hBmdvDCHM' is either unreadable or does not have the read permission.
To resolve the issue, correct the permissions on the token file to make it is possible to download it via the above URL.
Detail: Invalid response from http://example.com/.well-known/acme-challenge/Ab87T7gZtQeJBq0C2I44O9egoe-WXTTlE-hBmdvDCHM [203.0.113.2]: 500
.htmlfile located in the directory
С:\Inetpub\vhosts\example.com\.well-known\acme-challengeis not accessible from the Internet with the following error message in a browser:
PLESK_INFO: HTTP Error 403.14 - Forbidden
The page you are trying to access is secured with Secure Sockets Layer (SSL).
The following warning can be found at Plesk > Domains > example.com > Logs:
PLESK_INFO: WARN [extension/letsencrypt] Cannot check the token file is readable by others
Rewrite rules to HTTPS that are enabled in domain settings prevent the challenge from happening. Issuance of a Let's Encrypt certificate works only via HTTP.
Go to Domains > example.com > File Manager and remove
If custom redirect rules are configured in the
web.configfile, temporary rename it to
web.config.orig: Click next to the
web.configfile > click Rename.
Temporary disable the option Permanent SEO-safe 301 redirect from HTTP to HTTPS at Domains > example.com > Hosting Settings:
Temporary disable the option Require SSL/TLS at Domains > example.com > IIS Settings:
Connect to the server via RDP and disable all HTTP<->HTTPS rules in IIS Manager at Server > Sites > example.com > URL Rewrite:
Install a Let's Encrypt certificate at Domains > example.com > Let's Encrypt.
Revert the changes that has been done on the steps 2, 3 and 4, if required.