
Resolved Let's Encrypt certs do not get renewed and cannot be issued

thomas wagner

New Pleskian
Hi to all,
For several days I have been digging into a certificate problem. We are using a Windows 2019 Server with Plesk Obsidian V18.0.29_build20200807.15

The renewal of the Let's Encrypt certs worked like a charm, but no certificate has been renewed since about 15 days ago.
Whenever a certificate should be renewed (or created) I get the following message (for all of our domains):
Could not issue an SSL/TLS certificate for <domain>
The authorization token is not available at http://<domain>/.well-known/acme-challenge/2-rwwaODhSgh6Kqli0110SpRdczjupnN0V6PsqSxGzU.
In the PHP error log:
[2020-08-12 10:29:35] ERR [extension/letsencrypt] Domain validation failed: Invalid response from https://acme-v02.api.letsencrypt.org/acme/authz-v3/6478172285.
Details:
Type: urn:ietf:params:acme:error:unauthorized
Status: 403
Detail: Invalid response from http://<domain>/.well-known/acme-challenge/2-rwwaODhSgh6Kqli0110SpRdczjupnN0V6PsqSxGzU [92.204.49.53]: "<!DOCTYPE html>\r\n<html lang=\"en\">\r\n<head>\r\n <meta charset=\"utf-8\">\r\n <meta http-equiv=\"x-ua-compatible\" content=\"ie=edge\">\r\n "

[2020-08-12 10:29:35] ERR [extension/sslit] Error happened while certificate processing : <span class='plesk-ext-letsencrypt--ui-problem-adviser-unauthorized-token-is-not-available-error' hidden></span>Could not issue a Let's Encrypt SSL/TLS certificate for <b><domain></b>.
<br/>
<br/>The authorization token is not available at <a href='http://<domain>/.well-known/acme-challenge/2-rwwaODhSgh6Kqli0110SpRdczjupnN0V6PsqSxGzU' target='_blank'>http://<domain>/.well-known/acme-challenge/2-rwwaODhSgh6Kqli0110SpRdczjupnN0V6PsqSxGzU</a>.
<br/>To resolve the issue, make sure that the token file can be downloaded via the above URL.
<br/><a href='Plesk Help Center' target='_blank'>See the related Knowledge Base article for details.</a>
<br/><span class='plesk-ext-letsencrypt--details-toggler' data-details-content-id='plesk-ext-letsencrypt--details-content-lb6CsDMagxUrhMgw' onclick='PleskExt.Letsencrypt.toggleCollapsibleDetails(this); return false;'>Details</span><div class='plesk-ext-letsencrypt--details-content' id='plesk-ext-letsencrypt--details-content-lb6CsDMagxUrhMgw' style='display: none'>Invalid response from https://acme-v02.api.letsencrypt.org/acme/authz-v3/6478172285.<br />
Details:<br />
Type: urn:ietf:params:acme:error:unauthorized<br />
Status: 403<br />
Detail: Invalid response from http://<domain>/.well-known/acme-challenge/2-rwwaODhSgh6Kqli0110SpRdczjupnN0V6PsqSxGzU [92.204.49.53]: &quot;&lt;!DOCTYPE html&gt;\r\n&lt;html lang=\&quot;en\&quot;&gt;\r\n&lt;head&gt;\r\n &lt;meta charset=\&quot;utf-8\&quot;&gt;\r\n &lt;meta http-equiv=\&quot;x-ua-compatible\&quot; content=\&quot;ie=edge\&quot;&gt;\r\n &quot;</div><br/>


The token file is generated correctly in both folders:
c:\inetpub\vhosts\<domain>\httpdocs\.well-known\acme-challenge\
c:\Program Files (x86)\Plesk\var\acme-challenge\

When I try to access the token file (or another file in the acme challenge directories) with https://<domain>/.well-known/acme-challenge/2-rwwaODhSgh6Kqli0110SpRdczjupnN0V6PsqSxGzU, I get the expected result.

But when I try it with http (http://<domain>/.well-known/acme-challenge/2-rwwaODhSgh6Kqli0110SpRdczjupnN0V6PsqSxGzU. )
I get a 403 - Forbidden message
or
502 - Web server received an invalid response while acting as a gateway or proxy server.
(Depends on the <Domain>)
The credentials are set to anonymous access in Plesk and also in the IIS Manager.

I already tried to delete the acme folder, to repair the credentials, disabled/enabled http to https redirection.

Does anybody have an idea?

Regards

Thomas
 
I have the same problem - can't renew a cert - it did use to work seamlessly but no matter what I do I can't reissue a cert due to the same problem you mention above - 403 on the HTTP version of the file but can be viewed via https - I've followed the troubleshooting steps but am at a loss now as to how to fix. How did you resolve in the end?
 
I managed to fix this in the end. Loading up IIS and looking at the directory I just unticked the option to have SSL required. Now certs renew as expected without any problem.
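
Added example, not part of the original posts: a preflight check for the symptom in this thread, where the challenge token is readable over HTTPS but not over plain HTTP, which is how the CA fetches it. The domain, token and thumbprint values are constructed placeholders, and the function names are this example's own.

```python
import urllib.error
import urllib.request

def fetch(url, timeout=10):
    """Return (status, body); HTTP error statuses are returned, not raised.
    urlopen follows redirects, so an http->https redirect ends on the HTTPS page."""
    try:
        with urllib.request.urlopen(url, timeout=timeout) as resp:
            return resp.status, resp.read(4096).decode("utf-8", "replace")
    except urllib.error.HTTPError as err:
        return err.code, err.read(4096).decode("utf-8", "replace")
    except (urllib.error.URLError, OSError):
        return 0, ""  # no HTTP response at all (DNS, firewall, timeout)

def classify(status, body, token):
    """Classify one response for the challenge URL of `token`."""
    text = body.strip()
    # RFC 8555 section 8.3: the file body is "<token>.<account key thumbprint>".
    if status == 200 and text.startswith(token + "."):
        return "ok"
    if status == 200:
        return "wrong-content"  # e.g. an HTML page served for the path
    if status == 403:
        return "forbidden"      # in this thread: "Require SSL" set in IIS
    if status == 404:
        return "missing"
    if status in (502, 503, 504):
        return "gateway-error"
    return "no-response" if status == 0 else "unexpected-status"

def preflight(domain, token, fetcher=fetch):
    """Compare plain-HTTP and HTTPS results for the same token URL."""
    path = "/.well-known/acme-challenge/" + token
    http = classify(*fetcher("http://" + domain + path), token)
    https = classify(*fetcher("https://" + domain + path), token)
    if http == "ok":
        verdict = "ready"
    elif https == "ok":
        verdict = "http-blocked"  # the thread's symptom: HTTPS works, HTTP fails
    else:
        verdict = "token-not-served"
    return {"http": http, "https": https, "verdict": verdict}

def constructed_fetcher(url):
    """Constructed responses reproducing the thread: 403 HTML over HTTP."""
    if url.startswith("https://"):
        return 200, "TOKEN-PLACEHOLDER.THUMBPRINT-PLACEHOLDER\r\n"
    return 403, '<!DOCTYPE html>\r\n<html lang="en">'

if __name__ == "__main__":
    print(preflight("example.test", "TOKEN-PLACEHOLDER", constructed_fetcher))
```

A verdict of `http-blocked` points at the site or directory configuration for port 80 rather than at the token file itself.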
 
I managed to fix this in the end. Loading up IIS and looking at the directory I just unticked the option to have SSL required. Now certs renew as expected without any problem.
I have some issue like this.
I can access https but not http.
What should I do? I already unticked/ticked the option to have SSL required but it still can't access the http. Do you know why?
 