• Please be aware: Kaspersky Anti-Virus has been deprecated
    With the upgrade to Plesk Obsidian 18.0.64, "Kaspersky Anti-Virus for Servers" will be automatically removed from the servers it is installed on. We recommend that you migrate to Sophos Anti-Virus for Servers.
  • The Horde webmail has been deprecated. Its complete removal is scheduled for April 2025. For details and recommended actions, see the Feature and Deprecation Plan.
  • We’re working on enhancing the Monitoring feature in Plesk, and we could really use your expertise! If you’re open to sharing your experiences with server and website monitoring or providing feedback, we’d love to have a one-hour online meeting with you.

Resolved Failed to renew SSL certificate with Let's encrypt extension

D

Dirk Illenberger

New Pleskian
Hi there,

I am using Plesk Onyx on an Ubuntu Linux to manage a couple of web sites. For most of the domains I use the Plesk "Let's encrypt" extension to manage SSL certificates. This used to work fine until recently when I received an error message that a certificate could not be renewed. I tried to to it manually by clicking on the "Renew" button in the "Let's encrypt" plesk extension. And again I got the same error message:

[2019-08-05 16:59:42.382] ERR [extension/letsencrypt] Domain validation failed for immo-wertschoepfung.de: Invalid response from https://acme-v02.api.letsencrypt.org/acme/authz/ZwkvjOm1v7CHb2Ocms2N73pSkhaYegH90fkqgX4_FW8.
Details:
Type: urn:ietf:params:acme:error:connection
Status: 400
Detail: Fetching https://immo-wertschoepfung.de/.wel...e/J2Ixl-3TYR5XFC3LMl7-gJgVBu8nrmPFs1xeiedcnTY: Timeout during connect (likely firewall problem)

I did a bit of research and here are my results:

I haven't done any recent changes on the server apart from standard updates.

I googled for a while and found out that quite a few people have the same problem but I could not work out how to solve it in my case. So I very much appreciate any ideas and help from you guys.

Regards,
Dirk.
 
Hi Igor,

thank you very much for your answer. The nmap und dig tests were successful. In the article you referred to it says that it could also be a 30x redirection. In fact, I have such a redirection. So I removed it, tried to renew the certificate and it worked!!

I thought this was strange so I tried to renew certificates of other domains without removing the redirection. This worked perfectly. So, I really don't know what is different in the domain that didn't work but I am really happy that I have a way to renew the certificate.

Therefore, thank you very much Igor for pointing out this article.
Regards,
Dirk.
 
You must log in or register to reply here.

Similar threads

T
Issue SSL certificate renewal under cloudflare
Replies
0
Views
122
theplaza
T
L
Issue ( authorization token is unavailable ) Could not issue/renew Let`s Encrypt certificates
Replies
7
Views
359
Leta
L
J
Issue Let's encrypt for Plesk cannot be renewed status 500
Replies
1
Views
358
Sebahat.hadzhi
Sebahat.hadzhi
D
Issue Automatic renewal via SSLit doesn't work for wildcard certificates
Replies
3
Views
1K
D3nnis3n
D
M
Resolved Lets Encrypt not issuing certs for subdomains
Replies
2
Views
282
mendip_discovery
M
Back
Top