Cannot install Let's Encrypt certificate: Let's Encrypt SSL certificate installation failed: Failed letsencrypt execution: Failed authorization procedure. 404

Created:

2016-11-16 12:49:25 UTC

Modified:

2017-05-25 19:23:34 UTC

3

Was this article helpful?


Have more questions?

Submit a request

Cannot install Let's Encrypt certificate: Let's Encrypt SSL certificate installation failed: Failed letsencrypt execution: Failed authorization procedure. 404

Applicable to:

  • Plesk 12.5 for Linux
  • Plesk Onyx for Linux
  • Plesk 12.5 for Windows

Symptoms

Cannot install Let's Encrypt certificate for a domain. The following error is shown in Plesk:

Error: Let's Encrypt SSL certificate installation failed: Failed letsencrypt execution: Failed authorization procedure. www.example.com (http-01): urn:acme:error:unauthorized :: The client lacks sufficient authorization :: Invalid response from http://www.example.com/.well-known/acme-challenge/DqdSr_8FIGocVT1VJpWYckpUIbDwTvkmL1H1A6BN36U [203.0.113.2]: 404, example.com (http-01): urn:acme:error:unauthorized :: The client lacks sufficient authorization :: Invalid response from http://example.com/.well-known/acme-challenge/LfCVi2XCovUAlgqCDdlrTUWWlOeTaM8yHK9pINmc2dM [203.0.113.2]: 404

Or:


Error Let's Encrypt SSL certificate installation failed: Challenge marked as invalid. Details: Invalid response from http://example.com/.well-known/acme-challenge/OvjxRdE8fzm4hIrhzT_fTj7LcKCfdsgGz_gYdqLJYTw: "<!DOCTYPE html> <html lang="en-US"> <head> <meta charset="UTF-8" /> "ta name="viewport" content="width=device-width" />

Cause

  • Custom URL rewrite rules are defined.
  • Domain resolves to another IP address.

Resolution

Windows:

  1. Make sure the domain is accessible via HTTP and returns no error.
  2. Check if domain resolves to the same IP as configured in Plesk. Update DNS records if necessary.
  3. Check if manually created files are loading without any error. To check this, perform the following:
    1. Create a file in .test folder inside the domain's directory. For example, a path to the file can look like this:
      D:\inetpub\vhosts\example.com\httpdocs\.test\test
    2. Try to open this file using any browser:
      http://example.com/.test/test
    3. In case if the file could not be opened, turn off all rewrite modules and applications which have the ability to rewrite URLs.
  4. Temporary disable URL rewrite rules and install Let's Encrypt SSL certificate.
    For that do the following:

    1. Open %plesk_vhosts%/example.com/httpdocs/ folder in Windows Explorer.
    2. Rename web.config file to web.config.bak .
    3. Install Let's Encrypt SSL certificate in Plesk.
    4. Rename web.config.bak file back to web.config .

Linux

  1. Make sure the domain is accessible via HTTP and returns no error.
  2. Check if domain resolves to the same IP as configured in Plesk. Update DNS records if necessary.
  3. Temporarily move the .htaccss file from affected domain httpdocs or rename it.
  4. Try to create the certificate.
  5. Once the certificate is created, revert the .htaccess file or rewrite settings back.
  6. Do required changes on registrar side.
Have more questions? Submit a request
Please sign in to leave a comment.