Certificate error

Please fill out the fields below so we can help you better. Note: you must provide your domain name to get help. Domain names for issued certificates are all made public in Certificate Transparency logs (e.g. https://crt.sh/?q=example.com), so withholding your domain name here does not increase secrecy, but only makes it harder for us to provide help.

My domain is:www.partybuz.com

I ran this command:
I am having again problem with renew my certificate on Plesk onyx. I am trying to generate certificate via ssl for free . Though after uploading files when I click on link its giving 404 error. I could see load of files under acme-challenge folder. Do I need to delete all the files?Please help

It produced this output:

My web server is (include version):Plesk onyx 17.8

The operating system my web server runs on is (include version):

My hosting provider, if applicable, is:

I can login to a root shell on my machine (yes or no, or I don’t know):

I’m using a control panel to manage my site (no, or provide the name and version of the control panel):plesk

The version of my client is (e.g. output of certbot --version or certbot-auto --version if you’re using Certbot):

Do you have any documents which guides step by step to renew lets encrypt certificate on Plesk onyx

Have you tried these instructions? https://docs.plesk.com/en-US/onyx/administrator-guide/plesk-administration/securing-plesk/securing-plesk-and-the-mail-server-with-ssltls-certificates.59466/#o78763

2 Likes

Hi @Shri18

checking your domain you have ipv4- and ipv6 - addresses ( https://check-your-website.server-daten.de/?q=partybuz.com ):

Host T IP-Address is auth. ∑ Queries ∑ Timeout
partybuz.com A 139.162.201.128 London/England/United Kingdom (GB) - LINODE-UK Hostname: firepixel.co.uk yes 1 0
AAAA 2a01:7e00::f03c:91ff:fee4:cd74 London/England/United Kingdom (GB) - Linode yes
www.partybuz.com A 139.162.201.128 London/England/United Kingdom (GB) - LINODE-UK Hostname: firepixel.co.uk yes 1 0
AAAA 2a01:7e00::f03c:91ff:fee4:cd74 London/England/United Kingdom (GB) - Linode yes

But your ipv4 works, your ipv6 not, only timeouts:

Domainname Http-Status redirect Sec. G
http://partybuz.com/
139.162.201.128 302 https://partybuz.com/ 0.110 A
http://www.partybuz.com/
139.162.201.128 301 http://partybuz.com/ 0.057 D
http://partybuz.com/
2a01:7e00::f03c:91ff:fee4:cd74 -14 10.027 T
Timeout - The operation has timed out
http://www.partybuz.com/
2a01:7e00::f03c:91ff:fee4:cd74 -14 10.014 T
Timeout - The operation has timed out
https://www.partybuz.com/
139.162.201.128 301 https://partybuz.com/ 3.206 N
Certificate error: RemoteCertificateChainErrors
https://partybuz.com/
139.162.201.128 200 3.923 N
Certificate error: RemoteCertificateChainErrors
https://partybuz.com/
2a01:7e00::f03c:91ff:fee4:cd74 -14 10.016 T
Timeout - The operation has timed out
https://www.partybuz.com/
2a01:7e00::f03c:91ff:fee4:cd74 -14 10.013 T
Timeout - The operation has timed out
http://www.partybuz.com/.well-known/acme-challenge/check-your-website-dot-server-daten-dot-de
139.162.201.128 301 http://partybuz.com/.well-known/acme-challenge/check-your-website-dot-server-daten-dot-de 0.060 D
Visible Content: 301 Moved Permanently nginx
http://partybuz.com/.well-known/acme-challenge/check-your-website-dot-server-daten-dot-de
139.162.201.128 404 0.060 A
Not Found
Visible Content: 404 Not Found nginx
http://partybuz.com/.well-known/acme-challenge/check-your-website-dot-server-daten-dot-de
2a01:7e00::f03c:91ff:fee4:cd74 -14 10.017 T
Timeout - The operation has timed out
Visible Content:
http://www.partybuz.com/.well-known/acme-challenge/check-your-website-dot-server-daten-dot-de
2a01:7e00::f03c:91ff:fee4:cd74 -14 10.027 T
Timeout - The operation has timed out

Every ipv6 connection has a Grade T = Timeout.

Letsencrypt prefers ipv6, so Letsencrypt can't check the validation file from /.well-known/acme-challenge.

Two options:

  • remove your ipv6 entry (or, better)
  • fix your setup, so your ipv6 works correct.

But I don't know how to do that in Plesk.

Then recheck your domain to see, if there is no Grade T.

2 Likes

Thank you for your response. In Plesk DNS setting , I couldn’t see any ipv6 entries. Only ipv4 records are there

2 Likes

That's only a local, not relevant configuration.

Check your domain setup, Linode is your domain provider. There you have ipv6 AAAA entries.

2 Likes

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.