Articles in this section

Unable to install a Let's Encrypt certificate for a domain in Plesk for Windows: 404 Not Found

Daniel Yordanov
Updated
Plesk for Windows kb: technical ext: le ABT: Group B

Applicable to:

  • Plesk for Windows

Symptoms

  1. Cannot issue Let's Encrypt certificate for a domain in Plesk for Windows:

    PLESK_ERROR: Error: Could not issue a Let's Encrypt SSL/TLS certificate for example.com.

    The authorization token is not available at http://example.com/.well-known/acme-challenge/.
    To resolve the issue, make it is possible to download the token file via the above URL.
    See the related Knowledge Base article for details.

    Additional error details:
    Invalid response from https://acme-v01.api.letsencrypt.org/acme/authz/_oRgI1kwh53Fr07VRtI-55Zj7NqY75KI5e41PCsQqow.
    Details:
    Type: urn:acme:error:unauthorized
    Status: 403
    Detail: Invalid response from http://example.com/.well-known/acme-challenge/uxIoK_7-BjsuBu362yQ_QD5ovykddVeyKEgfEAre9P8: "\

    HTTP Error 404.0 - Not Found 
    The resource you are looking for has been removed, had its name changed, or is temporarily unavailable

    PLESK_ERROR: Invalid response from https://acme-v01.api.letsencrypt.org/acme/authz/1YlUBtqQj2_y-a27jw543sFO0SaxHxlbw_XmASO2jwI
    Details: 
    Type: urn:acme:error:unauthorized 
    Status: 403

    PLESK_ERROR: The authorization token is not available at http://example.com/page1/WZHzw8e9HGAqMz-Kvu76RvNc9OiqiXZ-ee1AjTGrjkM.
    The token file 'D:\domains\example.com\httpdocs\\page1\WZHzw8e9HGAqMz-Kvu76RvNc9OiqiXZ-ee1AjTGrjkM' is either unreadable or does not have the read permission.
    To resolve the issue, correct the permissions on the token file to make it is possible to download it via the above URL.

  2. test.txt file created in the example.com\httpdocs\.well-known\acme-challenge\ folder is not accessible in browser at http://example.com/.well-known/acme-challenge/test.txt :

    PLESK_INFO: The page cannot be displayed because an internal server error has occurred.

    CONFIG_TEXT: 404 Not Found

    CONFIG_TEXT: 403 Forbidden

Cause

A Let's Encrypt authorization token is handled incorrectly as an ASP or ASP.NET application due to the site code and the used custom web.config configurations.

Resolution

The permanent solution to the issue requires that you check the site code and web.config file in order to determine what exactly within them is causing the Let's Encrypt authorization token to become unreachable.

In the meantime, in order to issue the Let's Encrypt SSL for the domain successfully, you can execute the following workaround:

Workaround

 

  1. Log into the Windows server via RDP

  2. Rename the web.config file to web.config.bak in the example.com\httpdocs folder via Windows Explorer or the Plesk File Manager:

    mceclip0.png

  3. Log into Plesk, go to Domains > example.com > Hosting & DNS > Hosting > Web scripting and uncheck the boxes for Microsoft ASP and Microsoft ASP.NET support in order to disable them:

  4. Scroll down and press Save
  5. Make sure test.txt file created in the example.com\httpdocs\.well-known\acme-challenge\ folder is accessible from the Internet at http://example.com/.well-known/acme-challenge/test.txt
  6. Install a Let's Encrypt certificate at Domains > example.com > SSL/TLS Certificates

  7. Go to Domains > example.com > Hosting & DNS > Hosting > Web scripting and check the boxes for Microsoft ASP and Microsoft ASP.NET support in order to enable them again

  8. Scroll down and press Save

  9. Rename the web.config.bak file back to web.config via Windows Explorer or the Plesk File Manager

    mceclip4.png

 

Was this article helpful?

Comments

0 comments

Please sign in to leave a comment.