• Our team is looking to connect with folks who use email services provided by Plesk, or a premium service. If you'd like to be part of the discovery process and share your experiences, we invite you to complete this short screening survey. If your responses match the persona we are looking for, you'll receive a link to schedule a call at your convenience. We look forward to hearing from you!
  • We are looking for U.S.-based freelancer or agency working with SEO or WordPress for a quick 30-min interviews to gather feedback on XOVI, a successful German SEO tool we’re looking to launch in the U.S.
    If you qualify and participate, you’ll receive a $30 Amazon gift card as a thank-you. Please apply here. Thanks for helping shape a better SEO product for agencies!
  • The BIND DNS server has already been deprecated and removed from Plesk for Windows.
    If a Plesk for Windows server is still using BIND, the upgrade to Plesk Obsidian 18.0.70 will be unavailable until the administrator switches the DNS server to Microsoft DNS. We strongly recommend transitioning to Microsoft DNS within the next 6 weeks, before the Plesk 18.0.70 release.
  • The Horde component is removed from Plesk Installer. We recommend switching to another webmail software supported in Plesk.

Issue Can't issue SSL certificate!? Help!

carlsson

carlsson

Basic Pleskian
Server operating system version
Ubuntu 20.04.6 LTS
Plesk version and microupdate number
Obsidian Version 18.0.58 Update #2
Short story:
Wordpress site is located on another server.
Email is located on our server.
DNS is hosted by the registrar.
How can I install a Let's Encrypt certificate with the help of Plesk?

Long story:
I have a client that moved their site to another Wordpress service (Kinsta) because their home page designer wanted that.
They still have email on our server though.
The DNS is hosted by the registrar.

I started to get annoying "Can't issue certificate for the domain" emails.
So I looked into this, and it turns out that Kinsta is using the same subdomain as Let's Encrypt, ie "_acme-challenge" (why do they do that!?).
To solve it I was thinking to temporarily delete the Kinsta CNAME record, and create a Let's Encrypt certificate, but I get errors.

"Your domain in Plesk is hosted on the IP address(es): 123, but the DNS challenge used another IP: 456.​
Make sure that the IP address(es) specified in the domain's DNS zone match the IP address(es) the domain is hosted on."​

Furthemore, Plesk says that the Domain is not resolvable.
How can I get rid of that error?
1710402740480.png

What is the proper setup here?

Please help, I'm a little bit confused.
 
That explains it. Thanks!

Is it possibe to get rid of the annoying "Domain is not resolvable"? It doesn't seem to matter though, but it's nice to have a clean interface. :)
 
When you have the DNS component installed on the system, the server believes that it is the responsible DNS server for the domain. You need to tell your server that it is only secondary to your external nameserver. Documentation: Plesk as a Secondary DNS Server
However, I am not sure whether this is right for you, because it might just be the case that this is not secondary but a superfluous installation of Bind when you are not using it anyway. In that case you could equally well remove your local DNS component.
 
Peter Debik said:
When you have the DNS component installed on the system, the server believes that it is the responsible DNS server for the domain. You need to tell your server that it is only secondary to your external nameserver. Documentation: Plesk as a Secondary DNS Server
However, I am not sure whether this is right for you, because it might just be the case that this is not secondary but a superfluous installation of Bind when you are not using it anyway. In that case you could equally well remove your local DNS component.
Click to expand...
Thanks for the input Peter. However, I like to have the DNS component so I easily can copy the DKIM records. And maybe I want to use the server as a DNS in the future. Does it do any harm to have it installed?

This is the only case I have where the hosting is elsewhere, and some other strange problems have arised due to this.
 
You must log in or register to reply here.

Similar threads

M
Resolved Lets Encrypt not issuing certs for subdomains
Replies
2
Views
1K
mendip_discovery
M
H
Resolved Problem with install Let's Encrypt SSL/TLS certificate
Replies
6
Views
2K
HungLuu
H
carlsson
Issue Mail on Plesk, web on other provider, how do I create a correct SSL?
Replies
2
Views
857
carlsson
carlsson
G J Piper
Resolved SSL It! Let's Encrypt Not Issuing Certificate on MX-only Domain
Replies
8
Views
559
G J Piper
G J Piper
S
Question let's encrypt TXT record and nameserver-problem
Replies
2
Views
560
SiegbertG
S
Back
Top