- Plesk Onyx for Linux
- Plesk Onyx for Windows
Unable to secure a domain and its aliases using Let's Encrypt. The following error message appears in Plesk:
PLESK_ERROR: Error: Could not issue a Let's Encrypt SSL/TLS certificate for example.com.
Your domain in Plesk is hosted on the IP address(es): , but the DNS challenge used another IP address: 203.0.113.2.
Please check the actual DNS zone of your domain and make sure that the IP addresses in the DNS zone and for the hosting are the same.
The following entries are found in
/usr/local/psa/admin/logs/panel.logwhen Plesk debug mode is enabled:
CONFIG_TEXT: WARN [extension/letsencrypt] Cannot get IP addresses for domain 'example2.com': Can not find domain by name 'example2.com'.
DEBUG [extension/letsencrypt] pm_Exception: Can not find domain by name 'example2.com'
Domain alias is resolving to another server. This can be checked using the "nslookup" utility:
# nslookup example.com 184.108.40.206
# nslookup example2.com 220.127.116.11
Aliases are resolving to a different server.
Point DNS records of aliases to the Plesk server on a registrar side, wait for DNS propagation to be completed and secure the domain and alias;
Log into Plesk
Go to Domains > example.com > SSL/TLS Certificates > Install
Uncheck the alias
example2.comin the Available Domain Aliases list:
Click Get it free.
Additionally, it is possible to enable Synchronize DNS zone with the primary domain option at Domains > example2.com to keep the DNS records synchronized between the domain and its alias.