Resolved Let's Encrypt SSL certificate installation failed

[PierreL]

Hello community,

I've just started the setup of my web site on hostforlife. They provide plesk as my control panel. And that's great.

But when trying to setup let's encrypt, there comes the problem.

I got the following error message when i press the "install" button:


Error: Let's Encrypt SSL certificate installation failed: Challenge marked as invalid. Details: The key authorization file from the server did not match this challenge [Kts_VVDn1LpkO6CkdEsbsfUPpgtPJvyvHTboogNISYs.0MfJ-6Uztn9ft_oH_0oMRmk7q_NY_XC7da5ZqZhtjKc] != [Hello World!]



At hostforlife support they told me they can't help me on that. So here, I'm.

Any idea what's going wrong ?

I have the feeling that the "Hello world" is ... strange ?

Pierre

 

[UFHH01]

Hi PierreL,

pls. note, that the Plesk Let's Encrypt Extensions logs to your "panel.log", where you should be able to investigate possible issues/errors/problems. If you need help with your investigations, pls. consider to post the corresponding log - file entries, so that people willing to help you have something to start with their investigations.

In addition, pls. note as well, that Plesk support several operating systems, so it is always recommended to post at least the following informations:

• Your operating system
• Your current used Plesk version ( inkl. #MU )
• Your current used Plesk Let's Encrypt Extension version

Additional informations:

=> Plesk for Linux services logs and configuration files ( KB - article: 213403509 )​

Sometimes, it is as well a good idea to change the log - level ( TEMPORARILY! ), to get more informations in Plesk - log - files:

=> How to enable/disable debug logging in Plesk 11.5 and up? ( KB - article: 213408889 )​

=> Plesk for Windows services logs and configuration files ( KB - article: 213911325 )​

Sometimes, it is as well a good idea to change the log - level ( TEMPORARILY! ), to get more informations in Plesk - log - files:

=> How to enable/disable debug logging in Plesk 11.5 and higher for Windows ( KB - article: 213377849 )​

 

[PierreL]

Thank you for your reply. Unfortunatly, I have no clue where to find those information

• Your operating system
• Your current used Plesk version ( inkl. #MU )
• Your current used Plesk Let's Encrypt Extension version

Also, I don't have the right to setup the logs, and i don't have acces to any log (except the one from iis).

All I can see is http traffic

And there is this request wich is targetting let's encrypt.

GET /.well-known/acme-challenge/irupL4EVJCE8C3UK7VMG7pubDD2g4UaEcPmm42SyuvQ - HTTP/1.1

195
The response is a 200 http status.

 

[PierreL]

So here is the os version and the plesk version.
1. We use Windows Server 2012 R2
2. Plesk Onyx Version 17.0.17
3. It should be the same with Plesk version

Does this help ?

 

[PierreL]

By the way, never go to hostforlife (HostForLIFE.eu - European Cheap, Best, Discount and Instant Activation ASP.NET 5 / ASP.NET Core 1.0 Hosting, ASP.NET MVC Hosting, SQL Server 2016 Hosting, and Windows Server 2016 Hosting). They don't want to give any support on this. But in their marketing they claim to support let's encrypt... WIch is clearly not the case as, when there is problem, they said they don't want tu help !

 

[PierreL]

I wanted to provide you the solution to my problem, so that you may help other user.

Im using a net core application with mvc.

The problem is that letsencrypt target a folder .well-know inside the application. As it doesnt exist, and that no route is targeting it; mvc return a 404. Then certifacte was not able to work.

So the trick is to add the following code on the configure method from startup.cs

app.UseStaticFiles(new StaticFileOptions
{
FileProvider = new PhysicalFileProvider(Path.Combine(Directory.GetCurrentDirectory(), @".well-known")),
RequestPath = new PathString("/.well-known"),
ServeUnknownFileTypes = true // serve extensionless file
});

And you also need to add the folder to the root of the website

And voila.

Pierre