Applicable to:
- Plesk for Linux
- Plesk for Windows
Symptoms
Attempts to request or renew an SSL/TLS certificate via Domains > example.com > SSL/TLS Certificate result in the following errors such as:
PLESK_ERROR: Could not issue an SSL/TLS certificate for example.com
Details: Could not issue a Let's Encrypt SSL/TLS certificate for example.com.
Details: Could not obtain directory: cURL error 52: Empty reply from server (see https://curl.haxx.se/libcurl/c/libcurl-errors.html) for https://acme-v02.api.letsencrypt.org/directory
Direct curl request from a Kazakhstan-based server shows:
# curl -v https://acme-v02.api.letsencrypt.org/directory
> GET /directory HTTP/2
> Host: acme-v02.api.letsencrypt.org
> User-Agent: curl/7.61.1
> Accept: */*
>
* Empty reply from server
curl: (52) Empty reply from server
However, the same command executed from a non-Kazakhstan IP returns a valid response:
# curl -v https://acme-v02.api.letsencrypt.org/directory
< HTTP/2 200
< content-type: application/json
< cache-control: public, max-age=0, no-cache
...
Cause
The root cause is connectivity limitations between Kazakhstan IP addresses and the Let's Encrypt ACME API. Affected servers experience:
- Regional filtering or geo-blocking from Let's Encrypt
- Rate limiting by ASN or IP range
Similar issues have been reported in the Let’s Encrypt community forums
Resolution
Submit feedback with your IP and command output to the Let’s Encrypt Community for further analysis.
Alternatively, use one of the following workarounds:
- Use a VPN or a remote server located outside of Kazakhstan to issue the certificate
- Use another SSL provider if urgent issuance is required
Comments
0 comments
Please sign in to leave a comment.