• Introducing WebPros Cloud - a fully managed infrastructure platform purpose-built to simplify the deployment of WebPros products !  WebPros Cloud enables you to easily deliver WebPros solutions — without the complexity of managing the infrastructure.
    Join the pilot program today!
  • Support for BIND DNS has been removed from Plesk for Windows due to security and maintenance risks.
    If a Plesk for Windows server is still using BIND, the upgrade to Plesk Obsidian 18.0.70 will be unavailable until the administrator switches the DNS server to Microsoft DNS.

Resolved let's encrypt fail

Tomili

Tomili

New Pleskian
Again let's encrypt error.

Topic before:
https://talk.plesk.com/threads/prepare-etc-network-interface-for-plesk.339884/


I habe Added an second domain.

In the /etc/hosts i have first add the domain
Code: 
192.168.168.200 pokemongoburgdorf.ch

After i added the domain.
I created an subdomain and add the let's encrypt certificate and it works fine.
But whe i try to add the SSL on the pokemongoburgdorf.ch will output an error.
Code: 
[2016-11-07 17:41:53] ERR [extension/letsencrypt] Execution of /opt/psa/admin/plib/modules/letsencrypt/scripts/cli.php failed with exit code 1 and the output:
Saving debug log to /opt/psa/var/modules/letsencrypt/logs/letsencrypt.log
Starting new HTTPS connection (1): acme-v01.api.letsencrypt.org
Obtaining a new certificate
Performing the following challenges:
http-01 challenge for pokemongoburgdorf.ch
Starting new HTTPS connection (1): 127.0.0.1
Waiting for verification...
Cleaning up challenges
Failed authorization procedure. pokemongoburgdorf.ch (http-01): urn:acme:error:unauthorized :: The client lacks sufficient authorization :: Invalid response from http://pokemongoburgdorf.ch/.well-known/acme-challenge/chyYTfr0jbDkxNEGV-_U0VHRrrl-4DbS-0bnUqgtyU0: "<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 3.2 Final//EN">
<title>404 Not Found</title>
<h1>Not Found</h1>
<p>The requested URL was"
IMPORTANT NOTES:
 - The following errors were reported by the server:

   Domain: pokemongoburgdorf.ch
   Type:   unauthorized
   Detail: Invalid response from
   http://pokemongoburgdorf.ch/.well-known/acme-challenge/chyYTfr0jbDkxNEGV-_U0VHRrrl-4DbS-0bnUqgtyU0:
   "<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 3.2 Final//EN">
   <title>404 Not Found</title>
   <h1>Not Found</h1>
   <p>The requested URL was"

   To fix these errors, please make sure that your domain name was
   entered correctly and the DNS A record(s) for that domain
   contain(s) the right IP address.
Execution of /opt/psa/admin/plib/modules/letsencrypt/scripts/cli.php failed with exit code 1 and the output:
Saving debug log to /opt/psa/var/modules/letsencrypt/logs/letsencrypt.log
Starting new HTTPS connection (1): acme-v01.api.letsencrypt.org
Obtaining a new certificate
Performing the following challenges:
http-01 challenge for pokemongoburgdorf.ch
Starting new HTTPS connection (1): 127.0.0.1
Waiting for verification...
Cleaning up challenges
Failed authorization procedure. pokemongoburgdorf.ch (http-01): urn:acme:error:unau


Commands that i run.
Code: 
plesk repair all pokemongoburgdorf.ch

plesk repair installation pokemongoburgdorf.ch

An idea?
 
Tomili said:
192.168.168.200 pokemongoburgdorf.ch
Click to expand...

Tomili, pls. inform yourself about DNS - management in general and the usage of INTERNAL and EXTERNAL IPs and domains.

Quoted from: => https://www.ietf.org/rfc/rfc1918.txt

3. Private Address Space

The Internet Assigned Numbers Authority (IANA) has reserved the
following three blocks of the IP address space for private internets:

10.0.0.0 - 10.255.255.255 (10/8 prefix)
172.16.0.0 - 172.31.255.255 (172.16/12 prefix)
192.168.0.0 - 192.168.255.255 (192.168/16 prefix)
Click to expand...

... and control your domains/IPs ( accessible from outside of your private IP range! ) for example with the help of : => https://www.dnswatch.info
( for your domain in question, pls. see: => https://www.dnswatch.info/dns/dnslookup?la=en&host=pokemongoburgdorf.ch&type=A&submit=Resolve )

Pls. keep as well in mind, that recent DNS - changes may take up to 24-72 hours, untill all worldwide DNS - servers are synced, so pls. check with for example the above URLs for possible recent changes! ;)


Pls. don't forget your READ possible error messages, as for example:
...
To fix these errors, please make sure that your domain name was
entered correctly and the DNS A record(s) for that domain
contain(s) the right IP address.
...
Click to expand...
... and pls. check as well the logs at "/opt/psa/var/modules/letsencrypt/logs" to start with your investigations, as stated as well in your error - message:

Tomili said:
Saving debug log to /opt/psa/var/modules/letsencrypt/logs/letsencrypt.log
Click to expand...
 
You must log in or register to reply here.

Similar threads

B
Issue Unable to issue a Let's Encrypt certificate for domain with forwarding hosting type: nginx is not installed or is disabled on the Plesk server
Replies
1
Views
682
Sebahat.hadzhi
Sebahat.hadzhi
R
Issue Problems Issuing a Let's Encrypt Certificate
Replies
6
Views
1K
Robin McDermott
R
M
Resolved Lets Encrypt not issuing certs for subdomains
Replies
2
Views
1K
mendip_discovery
M
A
Issue Can't reissue LE certificate
Replies
1
Views
532
Martin Dias
Martin Dias
L
Issue ( authorization token is unavailable ) Could not issue/renew Let`s Encrypt certificates
Replies
7
Views
2K
Leta
L
Back
Top