Unable to reissue the Let's Encrypt SSL certificate in Plesk: DNS problem SERVFAIL looking up TXT

Symptoms

• After applying the instructions for the Let's Encrypt SSL certificate issuing from the article the following error message received:

  PLESK_ERROR: Could not issue a Let's Encrypt SSL/TLS certificate for example.com. Authorization for the domain failed.
  Invalid response from https://acme-v02.api.letsencrypt.org/acme/authz-v3/2634982859.
  Details:
  Type: urn:ietf:params:acme:error:dns
  Status: 400
  Detail: DNS problem: SERVFAIL looking up TXT for _acme-challenge.example.com - the domain's nameservers may be malfunctioning

• The used nameservers for the example.com are managed externally
• The TXT record for example.com is not propagated globally:
  

  # dig -t txt _acme-challenge.example.com +short  @8.8.8.8
  #

Cause

The DNS TXT record was not added on the nameservers on the registrar-side.

Resolution

1. Log in to Plesk

2. Go to Domains > example.com > Let's Encrypt check the Issue a wildcard SSL/TLS certificate option and click on Install

   Note: After that do not click Continue/Reload

3. Then add the described DNS TXT record on the nameservers on the registrar-side.

4. After the TXT record was added on the nameservers on the registrar-side and DNS propagation will be finished, click Continue/Reload