Can't access site, after failed cert renewal

Please fill out the fields below so we can help you better. Note: you must provide your domain name to get help. Domain names for issued certificates are all made public in Certificate Transparency logs (e.g. https://crt.sh/?q=example.com), so withholding your domain name here does not increase secrecy, but only makes it harder for us to provide help.

My domain is: generationz.dev

I ran this command: none (the cert should renew itself automatticaly)

It produced this output:

Could not secure domains of Mendi (login mendist) with Let's Encrypt certificates. Please log in to Plesk and secure the domains listed below manually.
Securing of the following domains has failed:

<none>

The following domains have been secured without some of their Subject Alternative Names:

<none>

Could not renew Let's Encrypt certificates for Mendi (login blablabla). Please log in to Plesk and renew the certificates listed below manually.
Renewal of the following Let's Encrypt certificates has failed:

 * 'Lets Encrypt mendi.sterenfeld.org' [already expired]
   [-] mendi.sterenfeld.org

   Invalid response from https://acme-v02.api.letsencrypt.org/acme/authz/g-HSQZx-mEeli2-GTzyLf7cdoK-zH9r0PhMeG6l80OQ.
   Details:
   Type: urn:ietf:params:acme:error:unauthorized
   Status: 403
   Detail: Invalid response from https://www.generationz.dev/.well-known/acme-challenge/RSMDTIZZZi0TYQC0ozPxQozUzGJfOMTuDLICqUa1PJs [37.187.67.206]: "<HTML>\r\n<HEAD>\r\n<TITLE>500 Internal Server Error</TITLE>\r\n<BASE href=\"/error_docs/\"><!--[if lte IE 6]></BASE><![endif]-->\r\n</HEA"

The following Let's Encrypt certificates have been renewed without some of their Subject Alternative Names:

<none>


Legend:
[+] This domain is secure. The domain's SSL/TLS certificate from Let's Encrypt has been issued/renewed.
[-] This domain is not secure. Either the domain's SSL/TLS certificate from Let's Encrypt could not be issued/renewed or the domain name was excluded from the certificate. Renew the certificate manually or request a new one to secure this domain.

My web server is (include version): windows server

The operating system my web server runs on is (include version): windows server

My hosting provider, if applicable, is: ovh.com

I can login to a root shell on my machine (yes or no, or I don’t know): yes

I’m using a control panel to manage my site (no, or provide the name and version of the control panel): Plesk onyx

The version of my client is (e.g. output of certbot --version or certbot-auto --version if you’re using Certbot): Can’t do that.

just for clarification,
i’m using nodejs on plesk. i think the problem is with my web.config file:

    <?xml version="1.0" encoding="UTF-8"?>
<configuration>
    <system.webServer>
        <httpErrors>
            <remove statusCode="502" subStatusCode="-1" />
            <remove statusCode="501" subStatusCode="-1" />
            <remove statusCode="500" subStatusCode="-1" />
            <remove statusCode="412" subStatusCode="-1" />
            <remove statusCode="406" subStatusCode="-1" />
            <remove statusCode="405" subStatusCode="-1" />
            <remove statusCode="404" subStatusCode="-1" />
            <remove statusCode="403" subStatusCode="-1" />
            <remove statusCode="401" subStatusCode="-1" />
            <remove statusCode="400" />
            <error statusCode="400" path="C:\Inetpub\vhosts\generationz.dev\error_docs\bad_request.html" />
            <remove statusCode="407" />
            <error statusCode="407" path="C:\Inetpub\vhosts\generationz.dev\error_docs\proxy_authentication_required.html" />
            <remove statusCode="414" />
            <error statusCode="414" path="C:\Inetpub\vhosts\generationz.dev\error_docs\request-uri_too_long.html" />
            <remove statusCode="415" />
            <error statusCode="415" path="C:\Inetpub\vhosts\generationz.dev\error_docs\unsupported_media_type.html" />
            <remove statusCode="503" />
            <error statusCode="503" path="C:\Inetpub\vhosts\generationz.dev\error_docs\maintenance.html" />
            <error statusCode="401" prefixLanguageFilePath="" path="C:\Inetpub\vhosts\generationz.dev\error_docs\unauthorized.html" />
            <error statusCode="403" prefixLanguageFilePath="" path="C:\Inetpub\vhosts\generationz.dev\error_docs\forbidden.html" />
            <error statusCode="404" prefixLanguageFilePath="" path="C:\Inetpub\vhosts\generationz.dev\error_docs\not_found.html" />
            <error statusCode="405" prefixLanguageFilePath="" path="C:\Inetpub\vhosts\generationz.dev\error_docs\method_not_allowed.html" />
            <error statusCode="406" prefixLanguageFilePath="" path="C:\Inetpub\vhosts\generationz.dev\error_docs\not_acceptable.html" />
            <error statusCode="412" prefixLanguageFilePath="" path="C:\Inetpub\vhosts\generationz.dev\error_docs\precondition_failed.html" />
            <error statusCode="500" prefixLanguageFilePath="" path="C:\Inetpub\vhosts\generationz.dev\error_docs\internal_server_error.html" />
            <error statusCode="501" prefixLanguageFilePath="" path="C:\Inetpub\vhosts\generationz.dev\error_docs\not_implemented.html" />
            <error statusCode="502" prefixLanguageFilePath="" path="C:\Inetpub\vhosts\generationz.dev\error_docs\bad_gateway.html" />
        </httpErrors>
		   <rewrite>
           <rules>

                <rule name="LogFile" patternSyntax="ECMAScript" stopProcessing="true">
                     <match url="^[a-zA-Z0-9_\-]+\.js\.logs\/\d+\.txt$"/>
                </rule>

                <rule name="NodeInspector" patternSyntax="ECMAScript" stopProcessing="true">                    
                    <match url="^app.js\/debug[\/]?" />
                </rule>

                <rule name="StaticContent">
                     <action type="Rewrite" url="httpdocs{REQUEST_URI}"/>
					  <action type="Rewrite" url=".well-known{REQUEST_URI}"/>
                </rule>

                <rule name="DynamicContent">
                     <conditions>
                          <add input="{REQUEST_FILENAME}" matchType="IsFile" negate="True"/>
                     </conditions>
                     <action type="Rewrite" url="app.js"/>
                </rule>

           </rules>
      </rewrite>
	  
    </system.webServer>
</configuration>

Hi @Mendistern

checking your website there is a http status 500 - ServerError ( https://check-your-website.server-daten.de/?q=generationz.dev ):

Always the same: URL Rewrite Module Error.

But I have no idea how your configuration works. Nodejs + Plesk + Windows.

Looks like you have something in your Url Rewrite Module defined, that doesn't work.

So first step: Remove your complete rewrite block (or add comments - <!-- and -->). Then recheck your domain to see, if it works.

PS: You have a dev domain. That's a top level domain which is preloaded. So you can't check your site with your browser, if you don't have a working certificate. So use online tools to check your site.

i’ve added the web.config file.
isn’t that enough?

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.