• Introducing WebPros Cloud - a fully managed infrastructure platform purpose-built to simplify the deployment of WebPros products !  WebPros Cloud enables you to easily deliver WebPros solutions — without the complexity of managing the infrastructure.
    Join the pilot program today!
  • Support for BIND DNS has been removed from Plesk for Windows due to security and maintenance risks.
    If a Plesk for Windows server is still using BIND, the upgrade to Plesk Obsidian 18.0.70 will be unavailable until the administrator switches the DNS server to Microsoft DNS.

Issue Lets Encrypt renew problem - Type: urn:ietf:params:acme:error:unauthorized

V

ViaHosting

Basic Pleskian
The Lets Encrypt certificates hasn't renewed automatically.

When trying to renew manually, I got the following error:

Não foi possível emitir um certificado SSL/TLS para xtpo.com.
Detalhes
Não foi possível emitir um certificado Let's Encrypt SSL/TLS para xtpo.com. Autorização para o domínio falhou.
Detalhes
Invalid response from https://acme-v02.api.letsencrypt.org/acme/authz-v3/460xxxxxx.

Details:

Type: urn:ietf:params:acme:error:unauthorized

Status: 403

Detail: Incorrect TXT record "yTCcD5h3L2xg_R9SmJmbEqRbnXU36Z_o0rgnGVyo0qY" found at _acme-challenge.xtpo.com
Click to expand...


After investigating, I discovery that the problem is Lets Encrypt module is not updating DNS record.
If there is a "_acme-challenge" record, it is not update.
It there isn't a record, it's not created.

You can see on image 2-DNS.png, that the record "_acme-challenge" has the wrong value, even after the prior step (image 1-CERTIFICADO.png).

The problem starts on Plesk Obsidian 18.0.26.
Tried to upgrade to version 18.0.27, but the problem remains.

The temporarily soluction is update the DNS record manually, before continue the renew process.


Complementing the information:
In Linux versions, the problem is a little bit different.
The certificate isn't renewed automatically also,
but it works if you try manually.



------------------------------------------
SO: Microsoft Windows Server 2019
Produto: Plesk Obsidian
Versão 18.0.27, última atualização em 15/05/2020 17:37
 

Attachments

  • 1-CERTIFICADO.PNG
    1-CERTIFICADO.PNG
    82.1 KB · Views: 46
  • 2-DNS.PNG
    2-DNS.PNG
    8.4 KB · Views: 45
  • 3-ERRO.PNG
    3-ERRO.PNG
    53 KB · Views: 41
Last edited:
You must log in or register to reply here.

Similar threads

L
Issue ( authorization token is unavailable ) Could not issue/renew Let`s Encrypt certificates
Replies
7
Views
2K
Leta
L
B
Issue Unable to issue a Let's Encrypt certificate for domain with forwarding hosting type: nginx is not installed or is disabled on the Plesk server
Replies
1
Views
672
Sebahat.hadzhi
Sebahat.hadzhi
S
Question let's encrypt TXT record and nameserver-problem
Replies
2
Views
855
SiegbertG
S
W
Question Wanted: Best practice for certificates (Lets Encrypt) two separate Plesk servers for www and mail
2
Replies
20
Views
3K
W4ru
W
K
Question Renewing Let's Encrypt with external DNS servers
Replies
5
Views
3K
klowet
K
Back
Top