- Plesk Obsidian for Windows
The Plesk of 18.0.26 version or newer is installed on the server
Unable to issue a Let’s Encrypt certificate in Domains > example.com > SSl/TLS Certificates > Get it free, the process fails with the following error:
CONFIG_TEXT: Could not access the following file or directory: 'C:\Program Files (x86)\Plesk\var\acme-challenge/web.config'.
Please make sure that the domain's system user has read and write access to this file or directory.
CONFIG_TEXT: The authorization token is not available at http://example.com/.well-known/acme-challenge/qgU4e7ba4V7Tk69t4hYIYm09LJHktMaJIhPIngrOYFM.
To resolve the issue, make sure that the token file can be downloaded via the above URL.
The following messages can be found in the
%plesk_dir%admin\logs\php_error.logfile with the debug enabled:
CONFIG_TEXT: DEBUG [extension/sslit] Invalid response from https://acme-v02.api.letsencrypt.org/acme/authz-v3/5298134528.<br>
Detail: Invalid response from http://example.com/.well-known/acme-challenge/ABCdE012_DRzM2ChDDWcqHwjZ5FORmnopq543210XYZ
[203.0.113.2]: "<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
INFO [extension/sslit] The count of the notifications which are waiting
to be sent: 143.
Unable to secure (renew) Plesk interface with Let's Encrypt certificate in Tools & Settings > SSL & TLS certificates:
PLESK_ERROR: Could not request a Let's Encrypt SSL/TLS certificate for hostname.com
Go to http://hostname.com/.well-known/acme-challenge/HNYz-pKf-JtRgX-1gIFl2VrK2inUQs2uwIPWJuYnN3g and сheck if the authorization token is available.
If it is, try to request the certificate again. If the token is not available, there may be an issue with your DNS configuration.
Your domain in Plesk is hosted on the IP address(es): , but the DNS challenge used another IP: 203.0.113.2
The misconfiguration of the Common Challenge Directory.
Log into the server via RDP
Go to Start > Windows System > Administrative Tools > Internet Information Services (IIS) Manager > ServerName > Sites
Find and remove the
acme-challengesite if it exists:
Note: Copy the
%plesk_dir%etc\acme-challenge.configfile to the
%plesk_dir%var\acme-challenge\web.configif it does not exist.
acme-challengesite by executing the command:
C:\> plesk sbin websrvmng --add-acme-challenge-site
Run the command below to set the correct permissions for the Common Challenge Directory:
C:\> plesk repair --directory-permissions -directory "%plesk_dir%var"
Disable and re-enable Common Challenge Directory:
C:\>plesk ext sslit --common-challenge-dir -disable
C:\>plesk ext sslit --common-challenge-dir -enable