Applicable to:
- Plesk for Linux
- Plesk for Windows
Symptoms
Unable to issue a Let's Encrypt certificate for a domain in Plesk, the process fails with the following error message:
Error: Could not issue a Let's Encrypt SSL/TLS certificate for example.com
The example.com DNS zone contains an AAAA record, but the domain is not assigned an IPv6 address in Plesk.
To resolve the issue, either assign an IPv6 address to example.com ("Websites & Domains" > "Web Hosting Access") or remove the AAAA record from the example.com DNS zone.
See the related Knowledge Base article for details.
Details
Invalid response from https://acme-v01.api.letsencrypt.org/acme/authz/qxK-vAPtGYg3YOSEcgZNB7HBd-unn4oX3GLtZWSxVPA.
Details:
Type: urn:acme:error:unauthorized
Status: 403
Cause
Domain resolves to an IPv6 address but the domain is not assigned or does not have an IPv6 in Plesk:
# dig @8.8.8.8 +short -t AAAA example.com
2001:db8:f61:a1ff:0:0:0:80
Resolution
Click on a section to expand
- Log in to Plesk
- Go to Domains > example.com > DNS Settings and remove AAAA record
- Log in to Plesk
- Go to Domains > example.com > Web Hosting Access and assign an IPv6 to the domain.
Note: IPv6 address should exist on network interface and in Tools & Settings > IP Addresses
Comments
2 comments
Cannot find solution 1
Marco Burkhardt please double check if you have an AAAA record:
If you do and the domain does not have an IPv6 assigned make sure the AAAA record is removed.
Which part was not found?
Please sign in to leave a comment.