Can not renew certificate in Plesk-certificate installation failed: Challenge marked as invalid

I try to renew SSL via Plesk for weg2g.com domain, I get below error:

Error: Let’s Encrypt SSL certificate installation failed: Challenge marked as invalid. Details: Invalid response from http://weg2g.com/.well-known/acme-challenge/F7RKVDcBP_oWslb3r_DSqm1ZE8W3dFWaNr4vTbEToG8: “<!DOCTYPE html>
<html>
<head>
<title>File Not Found</title>
<meta http-equiv=“content-type” content=“text/html; charset=utf-8” >”

I get the same error for dcwebmakers.com and myhsts.org and pdappt.com domains

Also, how can I check how many days left from an ssl expiration.

Thanks,
Matt

Hi @touchstonewords,

Regarding you Plesk issue, sorry, I can’t help, I don’t use it and there isn’t too much people here using Plesk so maybe you will get more answers asking on Plesk forums.

You can use your own browser to check the certificate details, all Desktop Browsers like Firefox, Opera, Chrome, IE, etc. have an option to see the certificate details of the site that is being visited and in those details it is the expiration date.

Or you can also use some online checker like https://www.sslshopper.com/ssl-checker.html just go to this page, put your domain name and you will see when the certificate expires (by the way, the certificates for your 4 domains are expiring on 22th September).

Cheers,
sahsanu

If you can, run “sudo certbot certificates”.
if not, you can always connect to each site and “look” at the certs.

As for the “invalid response from (http auth challenge)”:
“File Not Found” implies inability to reach the /.well-known/acme-challenge folder.

To test that out, place a test.txt file at http://weg2g.com/.well-known/acme-challenge/test.txt
and see if it can be accessed from the Internet.

I check our File Manager on server but there is no directory called .well-known on it…it’s a hidden directory? Does it come with Letsencrypt installation
Thanks

I’m not familiar with PLESK to be sure, but from the auth request "http://weg2g.com/.well-known/…"
it must be there for the auth to complete.
Now the auth process may create the folder or maybe accept the root folder if the full folder path is not available.
Again, I can’t be sure, as I don’t “PLESK”.
I would try creating a “.well-known.” folder at the sites root and then an “acme-challenge” folder in that folder.
Then place the “test.txt” file in the acme-challenge folder.

I did create directory and can see the test.txt
http://www.dcwebmakers.com/.well-known/acme-challenge/test.txt

But still the same error…

I think the issue is with DNS…I am using Godaddy share hosting IP but my Plesk is on another dedicated server…When I install ssl, I was using dedicated server for hosting…now I am not using it…

You do normally need to run your Let’s Encrypt client on the same machine that’s actually serving the domain names that the certificate will apply to.

Ok, that makes sense. Thanks

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.