• We value your experience with Plesk during 2024
    Plesk strives to perform even better in 2025. To help us improve further, please answer a few questions about your experience with Plesk Obsidian 2024.
    Please take this short survey:

    https://pt-research.typeform.com/to/AmZvSXkx
  • The Horde webmail has been deprecated. Its complete removal is scheduled for April 2025. For details and recommended actions, see the Feature and Deprecation Plan.

Resolved Can't get Let's Encrype SSL for a temporary domain

glglchn

New Pleskian
I am having problem installing SSL from Let's Encrypt for a temporary domain. Any help is appreciated.

I added a temporary domain in Plesk to build a site before going live. However, I was not able to access the site, even the Plesk default page, due to potential security issue:

xxxxx.plesk.page has a security policy called HTTP Strict Transport Security (HSTS), which means that Firefox can only connect to it securely. You can’t add an exception to visit this site.

So I tried to add a Let's Encrypt SSL certificate, but it repeatedly failed, even though DNS is enabled in DNS Settings under Hosting & DNS and the txt record for the certificate is added. The detail of the error message is as the following:

Invalid response from https://acme-v02.api.letsencrypt.org/acme/authz-v3/xxxx

Details:

Type: urn:ietf:params:acme:error:unauthorized

Status: 403

Detail: No TXT record found at xxx.plesk.page

When I use the NSLookup to check for the DNS record, the query was refused.
 
Since you dont manage the DNS for plesk.page, you cannot use wildcard certificates.
Generate one with only the domain, no wildcard/subdomains etc
 
I too am looking for a way around this. I am setting up a staging environment for a WordPress multi-site using subdomains which requires wildcard SSL certification. Is there no other option for this?
 
@robskinn, no, unfortunately there is no workaround, because you must own the plesk.page zone to set a wildcard DNS record there. But that would apply to all other users globally, too. I suggest to get a cheap real domain name, then you can easily use wildcards, because you are in control of the domain.
 
Back
Top