• We value your experience with Plesk during 2024
    Plesk strives to perform even better in 2025. To help us improve further, please answer a few questions about your experience with Plesk Obsidian 2024.
    Please take this short survey:

    https://pt-research.typeform.com/to/AmZvSXkx
  • The Horde webmail has been deprecated. Its complete removal is scheduled for April 2025. For details and recommended actions, see the Feature and Deprecation Plan.
  • We’re working on enhancing the Monitoring feature in Plesk, and we could really use your expertise! If you’re open to sharing your experiences with server and website monitoring or providing feedback, we’d love to have a one-hour online meeting with you.

Forwarded to devs Letsencrypt is trying to validate www on subdomain even if www is turned off

Mike99

Basic Pleskian
TITLE:
Letsencrypt is trying to validate www on subdomain even if www is turned off
PRODUCT, VERSION, OPERATING SYSTEM, ARCHITECTURE:
Plesk web pro edition, Version 17.8.11 Update #24. Ubuntu 16.04.5 LTS
PROBLEM DESCRIPTION:
When subdomain is created as a separate domain, so it has it's own home directory, independent the root domain, Plesk is trying to validate www.subdomian.example.com when:

Hosting settings> Preferred domain: selected without www
LetsEncrypt > Select what else can be secured Include a "www" subdomain for the domain and each selected alias: this is unchecked

from /var/log/plesk/panel.log

[2018-10-12 05:09:03.034] ERR [extension/letsencrypt] Domain validation failed for www.subdomain.domain.com: Invalid response from https://acme-v01.api.letsencrypt.org/acme/authz/f7X5ED-YfKcONPaMCYMwZohH3hG1TjRlXs_bsz-yS_E.
Details:
Type: urn:acme:error:dns
Status: 400
Detail: DNS problem: NXDOMAIN looking up A for www.subdomain.domain.com
STEPS TO REPRODUCE:
Create subdomain as a separate domain with Add domain, this is important, not add subdomain.

Hosting settings> Preferred domain: selected without www
LetsEncrypt > Select what else can be secured Include a "www" subdomain for the domain and each selected alias: this is unchecked

See logs.​
ACTUAL RESULT:
[2018-10-12 05:09:03.034] ERR [extension/letsencrypt] Domain validation failed for www.subdomain.domain.com: Invalid response from https://acme-v01.api.letsencrypt.org/acme/authz/f7X5ED-YfKcONPaMCYMwZohH3hG1TjRlXs_bsz-yS_E.
Details:
Type: urn:acme:error:dns
Status: 400
Detail: DNS problem: NXDOMAIN looking up A for www.subdomain.domain.com
EXPECTED RESULT:
Plesk Letsencrypt extension stop looking for a nonexistent subdomain.​
ANY ADDITIONAL INFORMATION:
With multiple subdomains, this can lead to fast Letsencrypt quota limit exceeded.
YOUR EXPECTATIONS FROM PLESK SERVICE TEAM:
Help with sorting out
 
@Mike99
Hello i couldn't reproduce your issue on test environment

Please contact with our support team at Plesk Help Center
We need to look to the your domain's configuration and logs in more detail

Hi cepesh84,

I have a Plesk license from reseller Hetzner from Germany, is your support team still going to help me somehow? When I enter my Plesk license, I get:

We identified that the Plesk license was purchased not directly from Plesk but through one of the Plesk Resellers.
In this case, you need to contact your license provider for support service.
Plesk Partners (Resellers) are fully trained by Plesk and deliver best-in-the-industry support for Plesk products running on their infrastructure.


So basically I have a problem, because the only support from Hetzner I get is this wiki Plesk/en – Hetzner DokuWiki

I have another strange problem Issue - Letsencrypt: Invalid response: Type: urn:acme:error:rateLimited with only these two subdomains, not any other subdomains are affected, the only difference is that the problem domains were created with New domain button and not New subdomain.
 
Last edited:
Hello for everyone with similar issues, I uninstalled LetsEncrypt extension from Plesk and installed it again, the problem disappeared, this means that during some upgrades of Plesk, because I am running always the latest version, some scripts were probably not updated. Problem solved.
 
Back
Top