• Please be aware: Kaspersky Anti-Virus has been deprecated
    With the upgrade to Plesk Obsidian 18.0.64, "Kaspersky Anti-Virus for Servers" will be automatically removed from the servers it is installed on. We recommend that you migrate to Sophos Anti-Virus for Servers.
  • The Horde webmail has been deprecated. Its complete removal is scheduled for April 2025. For details and recommended actions, see the Feature and Deprecation Plan.
  • We’re working on enhancing the Monitoring feature in Plesk, and we could really use your expertise! If you’re open to sharing your experiences with server and website monitoring or providing feedback, we’d love to have a one-hour online meeting with you.

Resolved Manually installing a Let's Encrypt certificate with HTTP validation

Denis Gomes Franco

Regular Pleskian
I decided to post this article to document my "journey" on fixing this problem that I had with a specific customer. Also, this might serve as feedback to the developers and, I hope, to help someone with the same issues. So here's the situation.

This customer purchased a .com domain via a registrar and that domain is currently pointed at GoDaddy's DNS servers. I am migrating his website from GoDaddy to my servers and due to the customer not being technically inclined, he could not change the DNS servers for now. We'll revisit that later but in the meantime the site has to be up and running on my servers, so I hit up GoDaddy and changed the DNS entries. Works fine, but now I need to validate the Let's Encrypt certificate.

Plesk provides me with the DNS entries needed for validation but then, after wasting quite some time, I found out that GoDaddy seems to block the 'acme-challenge' entries in DNS. Even after waiting a few hours for propagation the entries are nowhere to be found when looking up the domain. So I thought, let's do a manual certificate installation, issued by zerossl.com. Then I chose HTTP validation, where you need to upload a file to your server.

(And now the feedback to the Plesk developers begins) After creating the /.well-known/acme-challenge/ directory and uploading the file, the server returns with a 404. Two more days wasted looking for a solution when I kinda accidentally came to this:

That article mentions that the directory /var/www/vhosts/default/htdocs/.well-known/acme-challenge/ is used to store validation files. Great! Now I only have to upload the validation file to this directory and.... nothing yet. Still 404 errors.

And I really have no idea how I came up with the solution and accidentaly discovered this Plesk behavior but... let me summarize:

- Uploading the file only to /var/www/vhosts/default/htdocs/.well-known/acme-challenge/: 404 error
- Uploading the file only to /var/www/vhosts/<domainname>/htdocs/.well-known/acme-challenge/: 404 error
- Uploading the file to both directories: now the file is acessible, but the contents of the file come from the first directory

And this is how I managed to fix this customer's unique situation. I also need to say that I am using an NGINX only set up, and I also looked upon changing directives, thinking that maybe NGINX was blocking something, but that didn't help either.

Also, here's some more feedback to the Plesk developers: please allow for file based SSL validation.
 
Back
Top