Unable to issue or renew Let's Encrypt certificate in Plesk when external DNS server is used: Incorrect TXT record

Follow

Comments

6 comments

  • Avatar
    Kai Eisbrenner

    How to force the "Start to issuing" dialog in step 5, if plesk does not show this? In the e-mail, that tells, the acme challegnde is wrog, only the found wrong content is contained, but how to force to get the current expected in order to update the dns entry (dns servers are not on the same server as plesk resides on)

    0
    Comment actions Permalink
  • Avatar
    Julian Bonpland Mignaquy

    Kai Eisbrenner in order to get the message again go through the steps once again and Click on Reissue certificate.

     

    1
    Comment actions Permalink
  • Avatar
    Maarten Westera

    i know but what is annoying is that if you're relying on a 3rd party to create the TXT record. the webpage has expired before it can be created. and then you start again with a completely different record..

    0
    Comment actions Permalink
  • Avatar
    Mark Waterhouse

    I have come across this problem several times as many Plesk installations are single nodes and therefore dont have multiple DNS servers

    The 'fix' we have come up with is to request/renew the certificate via CLI

    So, for mydomain.com

    plesk bin extension --exec letsencrypt cli.php --webroot-path /var/www/vhosts/mydomain.com/httpdocs -d mydomain.com -d webmail.mydomain.com -d www.mydomain.com -m email@mydomain.com

     

    This negates the issue with DNS transfer timeouts

    0
    Comment actions Permalink
  • Avatar
    Felipe Santos (Edited )

    there is no button "Reissue certificate"
    - the isue was a firewall blocking.
    i would like to know which ports are need to lets encrypt generate a new SSL?

    0
    Comment actions Permalink

Please sign in to leave a comment.

Have more questions? Submit a request