Applicable to:
- Plesk for Windows
Symptoms
-
Unable to issue an SSL certificate using Let's Encrypt in Domains > example.com > SSL/TLS Certificates:
Could not issue an SSL/TLS certificate for example.com
Details
Could not issue a Let's Encrypt SSL/TLS certificate for example.com.
The authorization token is not available at http://example.com/.well-known/acme-challenge/6AkQ-N5vdWobP0yM2Wq9jJ8S6TKt0R1DCXfsGUGCdAY.
To resolve the issue, make sure that the token file can be downloaded via the above URL. -
The authorization token URL mentioned in the error can not be accessed via web browser failing with a 503 error.
-
The application pool
acme-challengestops when the authorization token URL is accessed via a web browser .
This can be checked in Windows, Internet Information Services (IIS) Manager > ServerName > Application Pools:
Cause
The user acme-challenge is not set/or doesn't have the correct permissions set to the app pool folder C:\Inetpub\temp\appools\acme-challenge
Resolution
Set the user acme-challenge and/or delegate "Full Control" permission to the acme-challenge app pool folder.
-
Connect to the server via RDP
-
Right-click on the folder
C:\Inetpub\temp\appools\acme-challenge, then click on Properties. -
On the Security tab, check that the
acme-challengeuser exists and that it hasfull controlpermission on the folder. -
Click Apply button.
-
Re-issue SSL certificate in Domains > example.com > SSL/TLS Certificates.
Comments
7 comments
In my case the application pool
acme-challengestops when the authorization token URL is accessed via a web browser because "Enable 32-Bit Applications" was set to "True".Set it to "False" resolved my issue.
Hi Wael Alsail, the issue you are describing seems slightly different. I will test it and create the necessary documentation.
There is no acme-challenge user to add full control. Any idea what to do next?
Ariel Lipschutz please try the solution in https://support.plesk.com/hc/en-us/articles/360014091719-Unable-to-issue-Let-s-Encrypt-certificate-for-domain-in-Plesk-misconfiguration-of-the-Common-Challenge-Directory starting from step 3. Otherwise please open a support ticket with us so we can continue working on this.
@... followed your steps, but i am having the same issue. There is no user acme-challenge to add
hi Ariel Lipschutz please a open a support ticket with us as described here https://support.plesk.com/hc/en-us/articles/213608509-How-to-submit-a-request-to-Plesk-support- so we can investigate.
not been able to solve it yet
Please sign in to leave a comment.