Cannot renew certificate using Plesk extension

I'm unable to renew my certificate via the Let's Encrypt extension in Plesk, though I've routinely done so successfully in the past. After clicking to "Renew," I enter the generated TXT field in my DNS Zone file and check - repeatedly - that this resolves externally using

dig -t txt _acme-challenge.sunygeneseoenglish.org +short

However, when I click Continue, I get the following message every time:

Invalid response from https://acme-v02.api.letsencrypt.org/acme/authz-v3/16310064800.
Details:
Type: urn:ietf:params:acme:error:dns
Status: 400
Detail: DNS problem: query timed out looking up TXT for _acme-challenge.sunygeneseoenglish.org

My domain is: sunygeneseoenglish.org

I ran this command: N/A - I'm using the Let's Encrypt Extension in Plesk Obsidian v. 18.0.36

It produced this output: N/A see above

My web server is (include version):

The operating system my web server runs on is (include version): CentOS Linux 7.9.2009 (Core)

My hosting provider, if applicable, is: Media Temple

I can login to a root shell on my machine (yes or no, or I don't know): Yes

I'm using a control panel to manage my site (no, or provide the name and version of the control panel): Plesk Obsidian v. 18.0.36

The version of my client is (e.g. output of certbot --version or certbot-auto --version if you're using Certbot):

1 Like

Hi @frumious :wave:,

I see your domain is hosted on Media Temple's DNS servers. It seems there are some issues with validation for domains hosted there - see:

I guess Media Temple may be rate-limiting DNS queries from Let's Encrypt validation authority resolvers (?).

2 Likes

Thanks @damisanet - I hadn't seen that thread! I'll give Media Temple support a try. :crossed_fingers:

2 Likes

Confirming here that — like @davidh in the thread Media Temple: DNS timing out getting A record — I was finally able to renew my certificate via Plesk on MT late yesterday.

2 Likes

Excellent! Glad to hear this! :partying_face:

1 Like

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.