• Our team is looking to connect with folks who use email services provided by Plesk, or a premium service. If you'd like to be part of the discovery process and share your experiences, we invite you to complete this short screening survey. If your responses match the persona we are looking for, you'll receive a link to schedule a call at your convenience. We look forward to hearing from you!
  • We are looking for U.S.-based freelancer or agency working with SEO or WordPress for a quick 30-min interviews to gather feedback on XOVI, a successful German SEO tool we’re looking to launch in the U.S.
    If you qualify and participate, you’ll receive a $30 Amazon gift card as a thank-you. Please apply here. Thanks for helping shape a better SEO product for agencies!
  • The BIND DNS server has already been deprecated and removed from Plesk for Windows.
    If a Plesk for Windows server is still using BIND, the upgrade to Plesk Obsidian 18.0.70 will be unavailable until the administrator switches the DNS server to Microsoft DNS. We strongly recommend transitioning to Microsoft DNS within the next 6 weeks, before the Plesk 18.0.70 release.
  • The Horde component is removed from Plesk Installer. We recommend switching to another webmail software supported in Plesk.

SSL certificate renewal is failing for an add-on domain, slash missing from "/.well-known"

Bitpalast

Bitpalast

Plesk addicted!
Plesk Guru
TITLE:
SSL certificate renewal is failing for an add-on domain, slash missing from "/.well-known"
PRODUCT, VERSION, OPERATING SYSTEM, ARCHITECTURE:
Plesk Onyx 17.0, latest MU, latest extension version 2.03, CentOS 7.3, 64-Bit
PROBLEM DESCRIPTION:
SSL certificate renewal is failing for an add-on domain with this message:

[2017-04-28 15:30:06] ERR [extension/letsencrypt] Cannot renew certificate on domain DOMAIN-1.TLD with error: Challenge marked as invalid. Details: Could not connect to www.DOMAIN-2.TLD.well-known

Discussion here:
Issue - Let's Encrypt unclear renewal failure
[Edit 2017-04-30: RESOLVED, different issue, redirect problem]

and here:
Cannot renew certifcate because of wrong url · Issue #153 · plesk/letsencrypt-plesk · GitHub
[not yet resolved]

Some users report this for subdomains, we are seeing it for a regular add-on domain to a subscription.​
STEPS TO REPRODUCE:
Unclear, probably simply create an add-on domain to a subscription, create a certificate for it, then let the renewal script try to renew the cert. There is slight chance that the issue is linked to the fact that the domain we see it on is a Wordpress website in "maintenance"-mode, so maybe there is rewrite rule that interferes? However, the /.well-known slash is missing as other users report it, too.
[Edit 2017-04-30: Resolved for the add-on domain case as described here, other case reported in GitHub not tested/verified by us.]​
ACTUAL RESULT:
Error message as shown above.​
EXPECTED RESULT:
Certificate renewel or nothing if it is not up for renewal.​
ANY ADDITIONAL INFORMATION:
YOUR EXPECTATIONS FROM PLESK SERVICE TEAM:
Confirm bug
 
Last edited:
GitHub documented case seems to be resolved now, too. User is reporting that it was caused by a permanent redirect to the https:// version of the URL.
 
You must log in or register to reply here.

Similar threads

L
Issue ( authorization token is unavailable ) Could not issue/renew Let`s Encrypt certificates
Replies
7
Views
2K
Leta
L
Hangover2
Forwarded to devs SSL It! breaks renewal and usage of Let's Encrypt wildcard certificates when subdomains are involved
2 3
Replies
48
Views
21K
gsk
gsk
K
Resolved Plesk panel update fails with "certificate has expired"
Replies
3
Views
561
Sebahat.hadzhi
Sebahat.hadzhi
Bitpalast
Resolved SSL create and renew errors on random domains / possibly a Let's Encrypt issue, but maybe only in combination with Plesk
Replies
11
Views
2K
Change Maker
C
D
Issue Lets Encrypt Not Successful over port 80
Replies
8
Views
3K
Daiv
D
Back
Top