Last summer I used Let's Encrypt as well as Plesk. I have encountered this problem three times since then.
"Could not issue a Let's Encrypt SSL/TLS certificate for DOMAIN" error.
Error: Could not issue a Let's Encrypt SSL/TLS certificate for MY-DOMAIN.
The authorization token is not available at https://MY-DOMAIN/.well-known/acme-challenge/GGGHHHIIIJJJKKK.
The token file '/MY-FULL-PATH/ROOT//.well-known/acme-challenge/GGGHHHIIIJJJKKK' is either unreadable or does not have the read permission.
To resolve the issue, correct the permissions on the token file to make it is possible to download it via the above URL.
See the related Knowledge Base article for details.
Details
Invalid response from https://acme-v01.api.letsencrypt.org/acme/authz/AAABBBCCCDDDEEEFFF.
Details:
Type: urn:acme:error:unauthorized
Status: 403
Detail: Invalid response from http://MY-DOMAIN/.well-known/acme-challenge/GGGHHHIIIJJJKKK: "<html>
<head><title>403 Forbidden</title></head>
<body bgcolor="white">
<center><h1>403 Forbidden</h1></center>
<hr><center>"
Since IPv6 can't be used under my contract, the troubleshooting in the above error message couldn't be used.
The solution I found is as follows.
Delete the website's failing certificate. Disable the use of SSL/TLS for the website and erase the additional directives. Update the website settings once. Then delete the .well-known directory. Then restore the settings again. Then install the certificate with the Let's Encrypt module.
I asked my close friend about this symptom. I was told that this was not a Let's Encrypt problem but a problem on the Plesk side (or a problem with the Let's Encrypt plugin in Plesk).
When I first encountered this problem, I didn't know the solution and broke the whole server. This type of problem is very scary.
Is there a way to prevent this authentication problem?
--
CentOS 7.3 / Plesk 17.0.17 update 42
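Added example (not part of the original post, and not Plesk's or Let's Encrypt's own code): a shell check that walks from a site's document root down to `.well-known/acme-challenge` and reports the first directory or token file the web server could not read, which is the condition the 403 in the error above points to. It assumes GNU `stat` (as on CentOS) and that the web server reaches these paths through the "other" permission bits; `acme_path_check` and its helper are hypothetical names.

```shell
#!/bin/sh
# Added example: permission pre-flight for the ACME HTTP-01 challenge path.
# Assumption: the web server worker is neither owner nor group member of the
# docroot, so only the "other" permission bits decide whether it can read.

# Return 0 if "other" has the given bit (4 = read, 1 = execute/traverse).
# A missing path counts as blocked.
other_has() {
    m=$(stat -c '%a' "$1" 2>/dev/null) || return 1
    o=$((m % 10))                      # last octal digit = "other" bits
    [ $((o & $2)) -ne 0 ]
}

# Usage: acme_path_check DOCROOT
# Prints the first blocking path and returns 1, or returns 0 if all pass.
acme_path_check() {
    docroot=$1
    dir="$docroot/.well-known/acme-challenge"

    # Every directory on the way to the token must be traversable.
    for p in "$docroot" "$docroot/.well-known" "$dir"; do
        if ! other_has "$p" 1; then
            echo "$p"
            return 1
        fi
    done

    # Any token file already present must be readable.
    for f in "$dir"/*; do
        [ -f "$f" ] || continue
        if ! other_has "$f" 4; then
            echo "$f"
            return 1
        fi
    done
    return 0
}

# Stand-alone use: sh script.sh /path/to/docroot
if [ $# -gt 0 ]; then acme_path_check "$1" && echo "challenge path OK"; fi
```

Run it against the document root before requesting or renewing a certificate; a printed path is the first place to look when the validation request returns 403.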