• If you are still using CentOS 7.9, it's time to convert to Alma 8 with the free centos2alma tool by Plesk or Plesk Migrator. Please let us know your experiences or concerns in this thread:
    CentOS2Alma discussion

let's Encrypted error

N

nMLxTMJTZ

Regular Pleskian
hi, i have this error

Errore: Installazione del certificato SSL Let's Encrypt non riuscita: Failed letsencrypt execution: Failed authorization procedure. webchat.domains (http-01): urn:acme:error:unauthorized :: The client lacks sufficient authorization :: Invalid response from http://webchat.domains/.well-known/acme-challenge/uYYYDxAG7xNUGdy7BZ_-xEcCcvX-AZ0SFMre1ka4WMo [178.33.214.165]: 403

- The following errors were reported by the server:

Domain: webchat.domains
Type: unauthorized
Detail: Invalid response from http://webchat.domains/.well-known
/acme-challenge/uYYYDxAG7xNUGdy7BZ_-xEcCcvX-AZ0SFMre1ka4WMo
[178.33.214.165]: 403

and i cannot install certificate
 
@camaran,

In your case, the issue is caused by letsencrypt running in the "webroot" mode, which should not be the case in the Plesk environment.

Did you execute the letsencrypt binary yourself? Or what are the circumstances in which your problem is occurring?

Can you be more specific, in particular with respect to the actions you have taken and that have lead to the error notification?

Please provide more details, print screens etc.

Regards......
 
@camaran

I am not able to exactly reproduce your situation and error, but I know of some situations in which a similar error can occur.

The issue is related to the way Let´s Encrypt extension is running and I am still investigating whether it is a bug or some form of incomplete code: I will keep you up-to-date.

As for now, I cannot provide you with a work-around, since revocation and deletion of Let´s Encrypt certificates seems rather impossible.

Regards....
 
@camaran,

Yes, it is "possible" (in theory), but only with some extensive configuration and sufficient knowledge to do that configuration.

However, running Plesk on a LXC based container is not the same as running Plesk without problems: you will encounter many problems, for many reasons.

In short, I would rather not recommend the usage of LXC based containers.

Regards.....
 
@camaran,

Can you tell us what you exactly try to achieve?

It makes a difference whether you want to spin up a virtual environment for testing purposes or use the virtual environment as a production environment.

Regards.....
 
My production server are based on LXC and in plesk i have two domain, one work with let's Encrypted and one not, i have error of first messege
 
@camaran

Am I correct when saying that you have a Plesk instance running in a LXC container?

If that is true, then it would not surprise me that you have some difficulties with let´s encrypt: LE is running it´s own virtual environment (and that can conflict with the LXC container).

I am pretty sure that it has something to do with the Plesk LE extension and/or how traffic to the container is routed, so can you provide the error message?

Regards....
 
Errore: Installazione del certificato SSL Let's Encrypt non riuscita: Failed letsencrypt execution: Failed authorization procedure. webchat.domains (http-01): urn:acme:error:unauthorized :: The client lacks sufficient authorization :: Invalid response from http://webchat.domains/.well-known/acme-challenge/uYYYDxAG7xNUGdy7BZ_-xEcCcvX-AZ0SFMre1ka4WMo [178.33.214.165]: 403

- The following errors were reported by the server:

Domain: webchat.domains
Type: unauthorized
Detail: Invalid response from http://webchat.domains/.well-known
/acme-challenge/uYYYDxAG7xNUGdy7BZ_-xEcCcvX-AZ0SFMre1ka4WMo
[178.33.214.165]: 403
 
Hi Let's Encrypt Specialists,

i also get some error if i try to get an Certificate.
Maybe someone could give a hint.
It's a Windows Vserver 2012 R2 with Plesk 12.5 MU27
I'll post details from Logfile.
What i tried before:
1: Shortly deactivate Firewall because of: "DEBUG:acme.challenges:dns-01 was not recognized"
2: Activate DNS of vServer; Normally using External DNS; in cause of same line.

Thank you for your help.

Greets LaFo
 

Attachments

  • letsencrypt.log
    21.1 KB · Views: 6
Hi LaFo,

We encounter similar issues from time to time but cannot find their root cause. It looks like a timeout issue on Let's Encrypt side, but we aren't 100% sure. Have you tried getting a certificate again (different time/day)?
 
Hi custer,

First of all thank u for your response an help.
I tried several times within different hours. Logfile shows always same lines with different timestamps.
As much as i understand from logs is the debug line as shown above with the DNS error that looks weird.
Because i use external hosted Domains with external Nameservers to point to Windows 2012R2 vserver shared IPv4.
But i'm pretty sure you understand much more of the logfile.
Inbetween Odin has updated to MU 30.

Maybe you can take a closer look to the Logfile posted above.
If u need more Informartion please let me know.

Many greets LaForge
 
You must log in or register to reply here.

Similar threads

D
Issue Lets Encrypt Not Successful over port 80
Replies
8
Views
281
Daiv
D
Nextgen-Networks
Issue Lets Encrypt - error in certificate renew process
2
Replies
21
Views
2K
Peter Debik
P
Nicola Urbinati
Resolved Let'Encrypt SSL not issued
Replies
2
Views
2K
Nicola Urbinati
Nicola Urbinati
M
Issue Let's enrypt can not renew or create certificate
Replies
1
Views
918
Bitpalast
Bitpalast
F
Issue Let's Encrypt Attempting to use HTTP instead of DNS Challenge for wildcard
Replies
2
Views
1K
path
P
Back
Top