• Our team is looking to connect with folks who use email services provided by Plesk, or a premium service. If you'd like to be part of the discovery process and share your experiences, we invite you to complete this short screening survey. If your responses match the persona we are looking for, you'll receive a link to schedule a call at your convenience. We look forward to hearing from you!
  • We are looking for U.S.-based freelancer or agency working with SEO or WordPress for a quick 30-min interviews to gather feedback on XOVI, a successful German SEO tool we’re looking to launch in the U.S.
    If you qualify and participate, you’ll receive a $30 Amazon gift card as a thank-you. Please apply here. Thanks for helping shape a better SEO product for agencies!
  • The BIND DNS server has already been deprecated and removed from Plesk for Windows.
    If a Plesk for Windows server is still using BIND, the upgrade to Plesk Obsidian 18.0.70 will be unavailable until the administrator switches the DNS server to Microsoft DNS. We strongly recommend transitioning to Microsoft DNS within the next 6 weeks, before the Plesk 18.0.70 release.
  • The Horde component is removed from Plesk Installer. We recommend switching to another webmail software supported in Plesk.

Issue Can't Reload or Cancel Let's Encrypt SSL/TLS Certificate

J

jherron

New Pleskian
Server operating system version
CentOS Linux 7.9.2009 (Core)
Plesk version and microupdate number
Obsidian Version 18.0.52
I had an SSL/TLS Certificate installed for a domain but it expired, and then I tried to delete the certificate so I could re-install but when I go to SSL/TLS Certificates in Plesk I can only 'Reload' or 'Cancel'. If I Reload it says:

Your domain is not secured with a valid SSL/TLS сertificate. Order or install it to secure data transfer, credit card transactions, logins, and other personal information.

To secure your domain, order a new certificate from the list below or upload an already purchased certificate.

When I click Cancel, I can click Install and then click Get it Free but it doesn't do anything and when I close the panel it shows the same message I get after clicking 'Reload', so I am stuck in a loop and am not sure what else to do.

My server knowledge is limited. Any help would be greatly appreciated.
 
jherron said:
... and then click Get it Free but it doesn't do anything ...
Click to expand...
This should display a page with four checkboxes, where you can select if the "www" and "webmail" subdomain shall be included in the certificate. From your description I understand that you click in "Get it Free", but you are not forwarded to that page. Is that a correct description of the situation?
 
Last edited:
Peter Debik said:
This should display a page with four checkboxes, where you can select if the "www" and "webmail" subdomain shall be included in the certificate. From your description I understand that you click in "Get if Free", but you are not forwarded to that page. Is that a correct description of the situation?
Click to expand...
I do get to the page with four checkboxes and the available domain aliases show correctly, but when I go to install it goes to a page I attached.
 

Attachments

  • Screenshot 2023-05-30 at 2.16.43 PM.png
    Screenshot 2023-05-30 at 2.16.43 PM.png
    398.4 KB · Views: 7
This is all I get on the page that says Reload or Cancel, I know the step you are referring too but I never get the page that shows the txt record to add to the DNS before clicking Reload.
 

Attachments

  • Screenshot 2023-05-30 at 3.10.09 PM.png
    Screenshot 2023-05-30 at 3.10.09 PM.png
    124.1 KB · Views: 11
I installed the cert no problem the first time, but after it expired, I may have done something incorrectly to delete it so I could try the install again.
 
That seems like a broken installation of the SSL It extension. We can troubleshoot more specific issues if you enable debug mode and post the panel logs, but for starters just try to reinstall the SSL It extension: https://support.plesk.com/hc/en-us/articles/12377511962007

That guide above shows how to do it on the web interface. On an SSH terminal, just run these two commands:
Code: 
 plesk bin extension -u sslit
Code: 
 plesk bin extension -i sslit
 
I tried running both commands, went to SSL Certificates for [redacted] and tried Install again but it did the same thing.

How do I enable debug log?

Thanks for your help.
 
Last edited by a moderator:
I have also exactly the same problem. Worked for a few years and always the TXT record to enter was shown but now I also only see the blue pop up with only the buttons…
 
I just tried another test and then viewed the Plesk section of the Log Browser and found this right after my test...

Domain validation failed for *.[redacted]: Invalid response from https://acme-v02.api.letsencrypt.org/acme/authz-v3/232495330717.
Details:
Type: urn:ietf:params:acme:error:unauthorized
Status: 403
Detail: Incorrect TXT record "AiUQ9L4pCpRVXipG8BAhvkwn8U5kDbTj8AHQAh41Y6Y" found at _acme-challenge.[redacted]

I do have a DNS txt record with the name '_acme-challenge' with a value of 'AiUQ9L4pCpRVXipG8BAhvkwn8U5kDbTj8AHQAh41Y6Y' so I am not sure what is wrong.
 
Last edited by a moderator:
jherron said:
I just tried another test and then viewed the Plesk section of the Log Browser and found this right after my test...

Domain validation failed for *.[redacted]: Invalid response from https://acme-v02.api.letsencrypt.org/acme/authz-v3/232495330717.
Details:
Type: urn:ietf:params:acme:error:unauthorized
Status: 403
Detail: Incorrect TXT record "AiUQ9L4pCpRVXipG8BAhvkwn8U5kDbTj8AHQAh41Y6Y" found at _acme-challenge.[redacted]

I do have a DNS txt record with the name '_acme-challenge' with a value of 'AiUQ9L4pCpRVXipG8BAhvkwn8U5kDbTj8AHQAh41Y6Y' so I am not sure what is wrong.
Click to expand...
Looks like your DNS zone is at GoDaddy and you're missing that txt record:

Network Tools: DNS,IP,Email

DNS and Network troubleshooting and diagnostic tools integrated into one sweet interface.
mxtoolbox.com mxtoolbox.com
 
Last edited by a moderator:
You must log in or register to reply here.

Similar threads

K
Resolved Plesk panel update fails with "certificate has expired"
Replies
3
Views
557
Sebahat.hadzhi
Sebahat.hadzhi
H
Resolved Problem with install Let's Encrypt SSL/TLS certificate
Replies
6
Views
2K
HungLuu
H
S
Issue Let's Encrypt/SSL It! empty domain name error
Replies
8
Views
1K
SilentWarrior
S
R
Issue Problems Issuing a Let's Encrypt Certificate
Replies
6
Views
889
Robin McDermott
R
Polli
Issue Mails only possible with a wildcard certificate
Replies
5
Views
537
Polli
Polli
Back
Top