• If you are still using CentOS 7.9, it's time to convert to Alma 8 with the free centos2alma tool by Plesk or Plesk Migrator. Please let us know your experiences or concerns in this thread:
    CentOS2Alma discussion
  • Inviting everyone to the UX test of a new security feature in the WP Toolkit
    For WordPress site owners, threats posed by hackers are ever-present. Because of this, we are developing a new security feature for the WP Toolkit. If the topic of WordPress website security is relevant to you, we would be grateful if you could share your experience and help us test the usability of this feature. We invite you to join us for a 1-hour online session via Google Meet. Select a convenient meeting time with our friendly UX staff here.

Issue Lets Encrypt renew problem - Type: urn:ietf:params:acme:error:unauthorized

V

ViaHosting

Basic Pleskian
The Lets Encrypt certificates hasn't renewed automatically.

When trying to renew manually, I got the following error:

Não foi possível emitir um certificado SSL/TLS para xtpo.com.
Detalhes
Não foi possível emitir um certificado Let's Encrypt SSL/TLS para xtpo.com. Autorização para o domínio falhou.
Detalhes
Invalid response from https://acme-v02.api.letsencrypt.org/acme/authz-v3/460xxxxxx.

Details:

Type: urn:ietf:params:acme:error:unauthorized

Status: 403

Detail: Incorrect TXT record "yTCcD5h3L2xg_R9SmJmbEqRbnXU36Z_o0rgnGVyo0qY" found at _acme-challenge.xtpo.com
Click to expand...


After investigating, I discovery that the problem is Lets Encrypt module is not updating DNS record.
If there is a "_acme-challenge" record, it is not update.
It there isn't a record, it's not created.

You can see on image 2-DNS.png, that the record "_acme-challenge" has the wrong value, even after the prior step (image 1-CERTIFICADO.png).

The problem starts on Plesk Obsidian 18.0.26.
Tried to upgrade to version 18.0.27, but the problem remains.

The temporarily soluction is update the DNS record manually, before continue the renew process.


Complementing the information:
In Linux versions, the problem is a little bit different.
The certificate isn't renewed automatically also,
but it works if you try manually.



------------------------------------------
SO: Microsoft Windows Server 2019
Produto: Plesk Obsidian
Versão 18.0.27, última atualização em 15/05/2020 17:37
 

Attachments

  • 1-CERTIFICADO.PNG
    1-CERTIFICADO.PNG
    82.1 KB · Views: 41
  • 2-DNS.PNG
    2-DNS.PNG
    8.4 KB · Views: 39
  • 3-ERRO.PNG
    3-ERRO.PNG
    53 KB · Views: 35
Last edited:
You must log in or register to reply here.

Similar threads

K
Question Renewing Let's Encrypt with external DNS servers
Replies
5
Views
327
klowet
K
D
Issue Lets Encrypt Not Successful over port 80
Replies
8
Views
508
Daiv
D
T
Resolved Lets Encrypt renewal - wildcard seems to want to use http challenge
Replies
2
Views
1K
TomBoB
T
Nextgen-Networks
Issue Lets Encrypt - error in certificate renew process
2
Replies
21
Views
3K
Peter Debik
P
M
Issue plesk server certificate does NOT include an ID which matches the server name
Replies
9
Views
2K
learning_curve
learning_curve
Back
Top