Cannot enable certificate


#1

I try to enable certificate using plesk. I am hosting on GoDaddy VPS which is running Windows 2012 r2, but I have a domain from Google domains.

I am getting following error

Error: Could not issue a Let’s Encrypt SSL/TLS certificate for wahidtechnology.com .

Your domain in Plesk is hosted on the IP address(es): xxx.xxx.xxx.xx , but the DNS challenge used another IP address: xx.xx.xxx.xx .
Please check the actual DNS zone of your domain and make sure that the IP addresses in the DNS zone and for the hosting are the same.
Details

Invalid response from https://acme-v01.api.letsencrypt.org/acme/authz/opmV_JjIUi11cChom0NjloSpMDGm2pyqGKjdCHBym30.
Details:
Type: urn:acme:error:unauthorized
Status: 403
Detail: Invalid response from http://wahidtechnology.com/.well-known/acme-challenge/sRg5anrCPKzk17ZkpKwbFR8Hk2vA9yQVwlgENtJYG9I [50.63.202.36]: 404

My domain is: wahidtechnology.com

I ran this command:en

It produced this output:
Error: Could not issue a Let’s Encrypt SSL/TLS certificate for wahidtechnology.com .

Your domain in Plesk is hosted on the IP address(es): xxx.xxx.xxx.xx , but the DNS challenge used another IP address: xx.xx.xxx.xx .
Please check the actual DNS zone of your domain and make sure that the IP addresses in the DNS zone and for the hosting are the same.
Details

Invalid response from https://acme-v01.api.letsencrypt.org/acme/authz/opmV_JjIUi11cChom0NjloSpMDGm2pyqGKjdCHBym30.
Details:
Type: urn:acme:error:unauthorized
Status: 403
Detail: Invalid response from http://wahidtechnology.com/.well-known/acme-challenge/sRg5anrCPKzk17ZkpKwbFR8Hk2vA9yQVwlgENtJYG9I [50.63.202.36]: 404

My web server is (include version): Windows 2012 r2

The operating system my web server runs on is (include version):

My hosting provider, if applicable, is: Godaddy

I can login to a root shell on my machine (yes or no, or I don’t know): never try

I’m using a control panel to manage my site (no, or provide the name and version of the control panel): Plesk Onxy 17.8.1


#2

Your domain has two DNS records with different IP addresses.

wahidtechnology.com.      583   A      50.63.202.42
wahidtechnology.com.      583   A      132.148.153.18

www.wahidtechnology.com.  3589  CNAME  wahidtechnology.com.
wahidtechnology.com.      583   A      50.63.202.42
wahidtechnology.com.      583   A      132.148.153.18

It looks like 132.148.153.18 is your server and the other IP is GoDaddy’s URL redirect service.

GoDaddy URL redirects aren’t compatible with Let’s Encrypt HTTP-01 validation (and they don’t support HTTPS), so you have to turn it off. Since you have a web server, you don’t need it anyway.