Let's Encrypt SSL Certificate

[Danny Thomas]

Hi,
Few days ago we got email about we need to renew SSL Encrypt as about to expire we're currently getting this error message.

Since we have resellers account licence unable to contact the support... Our resellers unable to provide any support or getting this fixed.

Error: Unable to obtain Let's Encrypt SSL certificate because of failed challenge for domain "":
Invalid response from /.well-known/acme-challenge/OdfJC0RYAsXPbsu1MWmgaKgbdmS3J5RXoncqnw9iEpE: "<HTML> <HEAD> <TITLE>500 Internal Server Error</TITLE> <BASE href="/error_docs/"><!--[if lte IE 6]></BASE><![endif]--> </HEAD><B"

 

[IgorG]

Please check this KB article Cannot install Let's Encrypt certificate: Let's Encrypt SSL certificate installation failed: Failed letsencrypt execution: Failed authorization procedure. 404

 

[Danny Thomas]

Thank for your reply, The SSL Encrypt is installed it's been working the certificate is about to expire and it will not allow to renew i get the error message above.
i've looked at the link you provided this didn't help cause that different error i'm not getting that one i'm getting on above.

 

[Danny Thomas]

Hello,

I've re-write the httaccess file and now getting this error


Error: Unable to obtain Let's Encrypt SSL certificate because of incorrect DNS configuration for domain (Domain)-Name)

Global DNS contains an AAAA record for IPv6, but in Plesk the domain is assigned only an IPv4 address. To resolve the issue, either add an IPv6 address via Web Hosting Access settings, or remove the AAAA record from the global DNS for the domain. See the related Knowledge Base article for details.

Original error message:
Invalid response from Domain name .well-known/acme-challenge/QYElTN5i__adObFEg2fHBKSvF6CqBN2UxGLlOXPby68: "<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"> <html><head> <title>404 Not Found</title> </head><body> <h1>Not Found</h1> <p"

I'm getting another error.

 

[Danny Thomas]

Hello, Can anyone shed some light on this....

i'm unable to fix this problem getting cause now i've hit the limit cap.

Error: Let's Encrypt SSL certificate installation failed:
Invalid response from https://acme-v01.api.letsencrypt.org/acme/new-authz: Error creating new authz :: Too many invalid authorizations recently.. Type: urn:acme:error:rateLimited.

 

[UFHH01]

Hi Danny Thomas,

pls. READ ( and note, that Plesk can't do absolute nothing when it comes to these "rate limits"! ):

=> Rate Limits - Let's Encrypt - Free SSL/TLS Certificates​

 

[Danny Thomas]

Hi Danny Thomas,

pls. READ ( and note, that Plesk can't do absolute nothing when it comes to these "rate limits"! ):

=> Rate Limits - Let's Encrypt - Free SSL/TLS Certificates​

Yes, okay but that don't answer my question at why when come to renew it i'm getting errors.... it's simple thing i just want some help fixing this problem.

 

[UFHH01]

Hi Danny Thomas,

at this moment, you can't fix your issue/error/problem, as you reached the rate limits ( defined by Let's Encrypt, not by Plesk! ). If you desire help with the investigations, WHY you reached the rate limits, pls. add all of your "panel.log" - files ( as attachments ) from the last week, at which Let's Encrypt logs the actions.

I've re-write the httaccess file and now getting this error

Error: Let's Encrypt SSL certificate installation failed:
Invalid response from https://acme-v01.api.letsencrypt.org/acme/new-authz: Error creating new authz :: Too many invalid authorizations recently.. Type: urn:acme:error:rateLimited.

I assume, that you tried too often to renew the certificate, even that existent "htaccess" - files and misconfigured DNS - entries produced errors during the renew process.

 

[Danny Thomas]

Hi,
Thank for your message, Plesk contacted me back regrading this problem.

I'm going let you know how resolved this problem... It's BUG in plesk they currently working on fix to fix the on-going problem.

Open Plesk Control Panel - Click on Tool & Settings - Plesk. (GREAT)
Let's get going...Tools & Resources under that header you will see

• IP Addresses
• Click on it
• Change IPV4 address to Shared.
• Change IPV6 address to Dedicated.

Once done save the changes.
Great Prefect, Let's go to the next part now we need to click on Domains
selected the domain name. Now selected File-Manager.

You need to rename your .htaccess to .htaccess.test this only temporary we'll change this back soon.
Save the re-named file name.

Click on Domains choose your Domain name. Click on Web Hosting Access

You will see in here you have IP Addresses, Information banner looking like this.
Here you can view the IP addresses associated with your subscription and change the username and password of your system user.

Please remember this only Temporary, Click on IP Address IPV4 and change it too NONE. Great now apply the change.

Now once you have applied the changes, click on domains and selected Let's Encrypt.
Click Renew - And will re-new SSL prefect. you should get this message - Information: Let's Encrypt SSL certificate was successfully installed on

Great, Do you remember we had to change the .htaccess file name - go back to your file-manager and rename back to .htaccess save the changes once again. Now you need to go back into "Web-Hosting-Access" again and switch IPV4 address back online. Just let you know can now leave this on as no longer get this error message.

Remember always test Encrypt again with these settings switched on as shouldn't no longer get this error anymore.

When you receive email saying need to re-new SSL will work by click on re-new prefect.

I'm sorry didn't add any images will added some later in showing how i fixed this error with images also.

Let's Encrypt