Cannot renew - acme unauthorized

Please fill out the fields below so we can help you better. Note: you must provide your domain name to get help. Domain names for issued certificates are all made public in Certificate Transparency logs (e.g. |, so withholding your domain name here does not increase secrecy, but only makes it harder for us to provide help.

My domain is:

I ran this command: Renew

It produced this output: Could not issue an SSL/TLS certificate for
Could not issue a Let's Encrypt SSL/TLS certificate for Authorization for the domain failed.

Invalid response from


Type: urn:ietf:params:acme:error:unauthorized

Status: 403

Detail: Incorrect TXT record "v6SjScjlXLi0cNrIQco5ZCeqvOiFwYV2QOTq0dmt15Y" found at

My web server is (include version): Plesk Obsidian v18.0.40_build1800211207.16 os_CentOS 8

The operating system my web server runs on is (include version): CentOS Linux 8.5.2111

My hosting provider, if applicable, is: 1 and 1

I can login to a root shell on my machine (yes or no, or I don't know): yes

I'm using a control panel to manage my site (no, or provide the name and version of the control panel):

The version of my client is (e.g. output of certbot --version or certbot-auto --version if you're using Certbot):

Hi @jdarbysh and welcome to the LE community forum :slight_smile:

Please show the file:


According to CT logs, you have renewed that cert (today).

So... Congrats!
[You figured it out]


Did not show up on a search of the drive.

It may show renewed, but is stilll popping an error for expired certificate.

You've renewed your certificate THREE TIMES today already: |

Please note that if a successful issuance the first time does NOT result in the proper USE of that certificate, re-issuing it again and again does not fix the latter problem, as it's not issuance related.

Depending on how you installed the certificate in the first place it might be as simpel as just reloading the webserver. Or perhaps the location of the certificate has changed and the webserver configuration needs to be changed. It all depends on what happened exactly at issuance.

Also note that your currrent certificate lacks the wildcard hostname, which your previous certificate did have. So it seems you did not renewed your previous certificate, but you issued a brand new certificate. Which might explain why your webserver doesn't pick it up.


Please show:
certbot certificates

OR... maybe it isn't using certbot
Hard to tell, since you didn't mention which ACME client is being used.
You did, however, mention Plesk - But I don't use Plesk, so I can't be certain how it deals with certs.

1 Like

Sorry - was not receiving any indication of successful renewal. Thank you for the link to Nice tool.

Seems the server restart took care of it. Thank you to all. Merry Christmas.


This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.