Unable to reissue the Let's Encrypt SSL certificate in Plesk: DNS problem SERVFAIL looking up TXT

Marc López

Updated November 03, 2020 20:36

Plesk for Windows Plesk for Linux kb: technical ext: le ABT: Group B

Applicable to:

After applying the instructions for the Let's Encrypt SSL certificate issuing from the article the following error message received:
PLESK_ERROR: Could not issue a Let's Encrypt SSL/TLS certificate for example.com. Authorization for the domain failed.
Invalid response from https://acme-v02.api.letsencrypt.org/acme/authz-v3/2634982859.
Details:
Type: urn:ietf:params:acme:error:dns
Status: 400
Detail: DNS problem: SERVFAIL looking up TXT for _acme-challenge.example.com - the domain's nameservers may be malfunctioning
The used nameservers for the example.com are managed externally
The TXT record for example.com is not propagated globally:

# dig -t txt _acme-challenge.example.com +short @8.8.8.8
#

The DNS TXT record was not added on the nameservers on the registrar-side.

Log in to Plesk
Go to Domains > example.com > Let's Encrypt check the Issue a wildcard SSL/TLS certificate option and click on Install

Note: After that do not click Continue/Reload
Then add the described DNS TXT record on the nameservers on the registrar-side.
After the TXT record was added on the nameservers on the registrar-side and DNS propagation will be finished, click Continue/Reload