Facebook
Twitter
I posted a support comment in this article yesterday, my comment is always awaiting validation.
Ty
Hi Mickael,
No worries, your comment was approved.
-
If you are still using CentOS 7.9, it's time to convert to Alma 8 with the free centos2alma tool by Plesk or Plesk Migrator. Please let us know your experiences or concerns in this thread:
CentOS2Alma discussion
Vote Let's Encrypt support
- Thread starter AmaZili Communication
- Start date
-
- Tags
- certificate free open source x509
Hi Mickael,
No worries, your comment was approved.
Hey, for windows server there is a little tool (letsencrypt-win-simple on github) that will generate ssl certificates from lets encrypt. That tool uses ACMESharp as the Client Library.
The tool also sets up a windows task that will renew the certificates in a 60 day cycle.
Ive managed to modify the code so that it will upload the generated certificates to the corresponding plesk registerd domain. So you basically just select the domain, press enter and have it ssl enabled.
Now iam trying to learn the Extension stuff so that i can write a little extension for that system, do implement letsencrypt into windows plesk.
The tool also sets up a windows task that will renew the certificates in a 60 day cycle.
Ive managed to modify the code so that it will upload the generated certificates to the corresponding plesk registerd domain. So you basically just select the domain, press enter and have it ssl enabled.
Now iam trying to learn the Extension stuff so that i can write a little extension for that system, do implement letsencrypt into windows plesk.
Mickael Salfati
Regular Pleskian
Thank you, I'm waiting a reply nowHi Mickael,
No worries, your comment was approved.
Hi,
You might be happy to hear that we've almost finished updating our extension so that it can work on Windows.
Alban Staehli
Regular Pleskian
Hi, thx again for the great work, it works perfectly, including the auto-renew.
I only one domain that fail to be renewed.
When I try manually, I get the following error:
What shall I do?
Thx for your help.
I only one domain that fail to be renewed.
When I try manually, I get the following error:
Code:
Let's Encrypt SSL certificate installation failed: Failed letsencrypt execution: 2016-01-16 18:55:47,204:WARNING:letsencrypt.cli:Root (sudo) is required to run most of letsencrypt functionality.
Failed authorization procedure. domain.tld (http-01): urn:acme:error:connection :: The server could not connect to the client to verify the domain :: Could not connect to http://domain.tld/.well-known/acme-challenge/*SomeKey*, www.domain.tld (http-01): urn:acme:error:connection :: The server could not connect to the client to verify the domain :: Could not connect to http://www.domain.tld/.well-known/acme-challenge/*SomeKey*
IMPORTANT NOTES:
- The following 'urn:acme:error:connection' errors were reported by
the server:
Domains: domain.tld, www.domain.tld
Error: The server could not connect to the client to verify the
domainWhat shall I do?
Thx for your help.
Code:
Could not connect to http://domain.tld/.well-known/acme-challenge/*SomeKey*Alban Staehli
Regular Pleskian
THX, I removed the .htaccess file, and it solved the issue!
Executing /usr/local/psa/admin/plib/modules/letsencrypt/scripts/post-install.php failed: Bootstrapping dependencies for centos 6 x86_64... Creating virtual environment... Updating letsencrypt and virtual environment dependencies... cffi-1.3.0-cp26-none-linux_x86_64.whl is not a supported wheel on this platform.
Plesk 12.5 on CentOS 6. How can this be fixed ?
Plesk 12.5 on CentOS 6. How can this be fixed ?
greetings
here is the situation i have:
i have a domain and in this domain, i set up a letsencypt certificate with no problem, everything was fine.
for some reason, i have to DELETE this domain from plesk (remove domain) and then to i create it again.
after that, the letsencypt CAN NOT install in this re-created domain!
i am getting this message:
Error: Let's Encrypt SSL certificate installation failed: Failed letsencrypt execution: 2016-02-05 19:11:23,440:WARNING:letsencrypt.cli:Root (sudo) is required to run most of letsencrypt functionality.
Install certificate failure: Unable to set certificate name :
IMPORTANT NOTES:
- Congratulations! Your certificate and chain have been saved at
/opt/psa/var/modules/letsencrypt/etc/live/mydomain.com/fullchain.pem.
Your cert will expire on 2016-05-05. To obtain a new version of the
certificate in the future, simply run Let's Encrypt again.
this is ONLY in this domain. in all others i have no problem.
i have latest plesk (12.5.30 Update #20) in debian 8.2
is this a bug or it is something else?
how can i resolve this?
thank you for your time and for your support.
here is the situation i have:
i have a domain and in this domain, i set up a letsencypt certificate with no problem, everything was fine.
for some reason, i have to DELETE this domain from plesk (remove domain) and then to i create it again.
after that, the letsencypt CAN NOT install in this re-created domain!
i am getting this message:
Error: Let's Encrypt SSL certificate installation failed: Failed letsencrypt execution: 2016-02-05 19:11:23,440:WARNING:letsencrypt.cli:Root (sudo) is required to run most of letsencrypt functionality.
Install certificate failure: Unable to set certificate name :
IMPORTANT NOTES:
- Congratulations! Your certificate and chain have been saved at
/opt/psa/var/modules/letsencrypt/etc/live/mydomain.com/fullchain.pem.
Your cert will expire on 2016-05-05. To obtain a new version of the
certificate in the future, simply run Let's Encrypt again.
this is ONLY in this domain. in all others i have no problem.
i have latest plesk (12.5.30 Update #20) in debian 8.2
is this a bug or it is something else?
how can i resolve this?
thank you for your time and for your support.
This is a bug in Plesk, check out https://github.com/plesk/letsencrypt-plesk/issues/51#issuecomment-168589261 for details how to fix it.
Well, this won't work then. Python 2.7 and above can only be installed in /usr/local or something, since replacing python 2.66 with 2.7 will break "yum". And as i'm not able to tell the addon-installer to use another path for python :/
OK, problem solved with your help!
Thank you for your really GREAT support!
Greetings from Greece!
I had a one year free cert that expired two days ago, it was too complicated to renew. Searched for another solution and came across let's encrypt.. did another search for plesk and found that the good men in this community wrote an extension. One click to download, another to install on my 12.5.x server, and one last click on the Let's Encrypt icon in the Domains main page. My site is back in business. This is really amazing thank you all. Its good for one year, hopefully it will auto-renew.
i have error
Code:
Errore: Installazione del certificato SSL Let's Encrypt non riuscita: Failed letsencrypt execution: Failed authorization procedure. webchat.domains (http-01): urn:acme:error:unauthorized :: The client lacks sufficient authorization :: Invalid response from http://webchat.domains/.well-known/acme-challenge/4Y63ZsT6ZFV6mvK3bgiROw9hfOc8mwVwxaLeCySS8kA: "<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>403 Forbidden</title>
</head><body>
<h1>Forbidden</h1>
<p", www.webchat.domains (http-01): urn:acme:error:unauthorized :: The client lacks sufficient authorization :: Invalid response from http://www.webchat.domains/.well-known/acme-challenge/cCkRiIrbDb2WLyulRleSaCPGjUWgXq0tL_Iy0Q53aLc: "<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>403 Forbidden</title>
</head><body>
<h1>Forbidden</h1>
<p"
IMPORTANT NOTES:
- The following errors were reported by the server:
Domain: webchat.domains
Type: unauthorized
Detail: Invalid response from http://webchat.domains/.well-known
/acme-challenge/4Y63ZsT6ZFV6mvK3bgiROw9hfOc8mwVwxaLeCySS8kA:
"<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>403 Forbidden</title>
</head><body>
<h1>Forbidden</h1>
<p"
Domain: www.webchat.domains
Type: unauthorized
Detail: Invalid response from http://www.webchat.domains/.well-
known/acme-challenge/cCkRiIrbDb2WLyulRleSaCPGjUWgXq0tL_Iy0Q53aLc:
"<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>403 Forbidden</title>
</head><body>
<h1>Forbidden</h1>
<p"
To fix these errors, please make sure that your domain name was
entered correctly and the DNS A record(s) for that domain
contain(s) the right IP address.
U
UFHH01
Guest
Hi camaran,
You have HSTS enabled on your server, but the acme-challenges are done over http. If you use HSTS, you have to stop nginx during the creating-procedure over the Plesk Control Panel, because even additional rewrite directives for the location "/.well-
known/acme-challenge/" will not work, because the Plesk Let's Encrypt - client places a ".htaccess" file inside "/.well-known/acme-challenge/" with "RewriteEngine off" during the procedure.
Unfortunately, I haven't yet found a decent solution for domains with HSTS enabled, not with "www.", nor without it.
Code:
Status: HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Thu, 02 Jun 2016 21:28:54 GMT
Content-Type: text/html
Content-Length: 178
Connection: close
Location: http://webchat.domains/
Strict-Transport-Security: max-age=31536000; includeSubDomains; preloadYou have HSTS enabled on your server, but the acme-challenges are done over http. If you use HSTS, you have to stop nginx during the creating-procedure over the Plesk Control Panel, because even additional rewrite directives for the location "/.well-
known/acme-challenge/" will not work, because the Plesk Let's Encrypt - client places a ".htaccess" file inside "/.well-known/acme-challenge/" with "RewriteEngine off" during the procedure.
Unfortunately, I haven't yet found a decent solution for domains with HSTS enabled, not with "www.", nor without it.
