
SSL certificate renewal is failing for an add-on domain, slash missing from "/.well-known"

Bitpalast

TITLE:
SSL certificate renewal is failing for an add-on domain, slash missing from "/.well-known"
PRODUCT, VERSION, OPERATING SYSTEM, ARCHITECTURE:
Plesk Onyx 17.0, latest MU, latest extension version 2.03, CentOS 7.3, 64-Bit
PROBLEM DESCRIPTION:
SSL certificate renewal is failing for an add-on domain with this message:

[2017-04-28 15:30:06] ERR [extension/letsencrypt] Cannot renew certificate on domain DOMAIN-1.TLD with error: Challenge marked as invalid. Details: Could not connect to www.DOMAIN-2.TLD.well-known

Discussion here:
Issue - Let's Encrypt unclear renewal failure
[Edit 2017-04-30: RESOLVED, different issue, redirect problem]

and here:
Cannot renew certifcate because of wrong url · Issue #153 · plesk/letsencrypt-plesk · GitHub
[not yet resolved]

Some users report this for subdomains; we are seeing it for a regular add-on domain to a subscription.
STEPS TO REPRODUCE:
Unclear; probably simply create an add-on domain to a subscription, create a certificate for it, then let the renewal script try to renew the cert. There is a slight chance that the issue is linked to the fact that the domain we see it on is a WordPress website in "maintenance" mode, so maybe there is a rewrite rule that interferes? However, the slash in /.well-known is missing, as other users report it, too.
[Edit 2017-04-30: Resolved for the add-on domain case as described here; other case reported in GitHub not tested/verified by us.]
ACTUAL RESULT:
Error message as shown above.
EXPECTED RESULT:
Certificate renewal, or nothing if it is not up for renewal.
ANY ADDITIONAL INFORMATION:
YOUR EXPECTATIONS FROM PLESK SERVICE TEAM:
Confirm bug
 
GitHub documented case seems to be resolved now, too. User is reporting that it was caused by a permanent redirect to the https:// version of the URL.
 