Articles in this section

Issuing/renewing Let's Encrypt certificate on Plesk for Windows server fails: https://acme-challenge.localhost Invalid hostname in redirect target, must end in IANA registered TLD

Taras Ermoshin
Updated
Plesk for Windows DoNotDelete:docref kb: technical

Applicable to:

  • Plesk for Windows

Symptoms

  • Let's Encrypt certificate for a particular domain in Plesk for Windows can not be renewed automatically with the error message below:

    Failed to renew certificate of domain 'example.com': Invalid response from https://acme-v02.api.letsencrypt.org/acme/authz-v3/13769068820.
    Details:
    Type: urn:ietf:params:acme:error:connection
    Status: 400
    Detail: Fetching https://acme-challenge.localhost:443/.well-known/acme-challenge/jhpl_titvpnxqcffch5s9semwhzx1ytmjnhnngeyqek:
    Invalid hostname in redirect target, must end in IANA registered TLD

  • In the document root of the affected domain, there is the file .htaccess.

In IIS > Servername > ISAPI Filters
ISAPI_Rewrite_32 and ISAPI_Rewrite_x64 filters points to :
C:\Program Files\Helicon\ISAPI_Rewrite3\ISAPI_Rewrite.dll

Cause

In IIS on the affected domain, the third party ISAPI filter "ISAPI_Rewrite 3" (Apache .htaccess mod_rewrite compatible module for IIS) is enabled.

Resolution

  1. Log into Plesk.

  2. Go to Domains > example.com > File Manager page and rename the file .htaccess.
Was this article helpful?

Comments

1 comment
Date Votes
  • Avatar
    Yener Adal

    I have this issue but I don't have a .htaccess file or the ISAPI_Rewrite 3 filter. I believe it has to do with HSTS "Redirect Http to Https" being enabled.

    When I disable this setting, the renewal is successful.

    0

Please sign in to leave a comment.