Certificate error

Shri18 · July 31, 2019, 10:04pm

Please fill out the fields below so we can help you better. Note: you must provide your domain name to get help. Domain names for issued certificates are all made public in Certificate Transparency logs (e.g. https://crt.sh/?q=example.com), so withholding your domain name here does not increase secrecy, but only makes it harder for us to provide help.

My domain is:www.partybuz.com

I ran this command:
I am having again problem with renew my certificate on Plesk onyx. I am trying to generate certificate via ssl for free . Though after uploading files when I click on link its giving 404 error. I could see load of files under acme-challenge folder. Do I need to delete all the files?Please help

It produced this output:

My web server is (include version):Plesk onyx 17.8

The operating system my web server runs on is (include version):

My hosting provider, if applicable, is:

I can login to a root shell on my machine (yes or no, or I don’t know):

I’m using a control panel to manage my site (no, or provide the name and version of the control panel):plesk

The version of my client is (e.g. output of certbot --version or certbot-auto --version if you’re using Certbot):

Shri18 · July 31, 2019, 10:10pm

Do you have any documents which guides step by step to renew lets encrypt certificate on Plesk onyx

jsha · August 1, 2019, 12:57am

Have you tried these instructions? https://docs.plesk.com/en-US/onyx/administrator-guide/plesk-administration/securing-plesk/securing-plesk-and-the-mail-server-with-ssltls-certificates.59466/#o78763

JuergenAuer · August 1, 2019, 6:30am

Hi @Shri18

checking your domain you have ipv4- and ipv6 - addresses ( https://check-your-website.server-daten.de/?q=partybuz.com ):

Host	T	IP-Address	is auth.	∑ Queries	∑ Timeout
partybuz.com	A	139.162.201.128 London/England/United Kingdom (GB) - LINODE-UK Hostname: firepixel.co.uk	yes	1	0
	AAAA	2a01:7e00::f03c:91ff:fee4:cd74 London/England/United Kingdom (GB) - Linode	yes
www.partybuz.com	A	139.162.201.128 London/England/United Kingdom (GB) - LINODE-UK Hostname: firepixel.co.uk	yes	1	0
	AAAA	2a01:7e00::f03c:91ff:fee4:cd74 London/England/United Kingdom (GB) - Linode	yes

But your ipv4 works, your ipv6 not, only timeouts:

Domainname	Http-Status	redirect	Sec.	G
• http://partybuz.com/
139.162.201.128	302	https://partybuz.com/	0.110	A

• http://www.partybuz.com/
139.162.201.128	301	http://partybuz.com/	0.057	D

• http://partybuz.com/
2a01:7e00::f03c:91ff:fee4:cd74	-14		10.027	T
Timeout - The operation has timed out

• http://www.partybuz.com/
2a01:7e00::f03c:91ff:fee4:cd74	-14		10.014	T
Timeout - The operation has timed out

• https://www.partybuz.com/
139.162.201.128	301	https://partybuz.com/	3.206	N
Certificate error: RemoteCertificateChainErrors

• https://partybuz.com/
139.162.201.128	200		3.923	N
Certificate error: RemoteCertificateChainErrors

• https://partybuz.com/
2a01:7e00::f03c:91ff:fee4:cd74	-14		10.016	T
Timeout - The operation has timed out

• https://www.partybuz.com/
2a01:7e00::f03c:91ff:fee4:cd74	-14		10.013	T
Timeout - The operation has timed out

• http://www.partybuz.com/.well-known/acme-challenge/check-your-website-dot-server-daten-dot-de
139.162.201.128	301	http://partybuz.com/.well-known/acme-challenge/check-your-website-dot-server-daten-dot-de	0.060	D
Visible Content: 301 Moved Permanently nginx

• http://partybuz.com/.well-known/acme-challenge/check-your-website-dot-server-daten-dot-de
139.162.201.128	404		0.060	A
Not Found
Visible Content: 404 Not Found nginx

• http://partybuz.com/.well-known/acme-challenge/check-your-website-dot-server-daten-dot-de
2a01:7e00::f03c:91ff:fee4:cd74	-14		10.017	T
Timeout - The operation has timed out
Visible Content:

• http://www.partybuz.com/.well-known/acme-challenge/check-your-website-dot-server-daten-dot-de
2a01:7e00::f03c:91ff:fee4:cd74	-14		10.027	T
Timeout - The operation has timed out

Every ipv6 connection has a Grade T = Timeout.

Letsencrypt prefers ipv6, so Letsencrypt can't check the validation file from /.well-known/acme-challenge.

Two options:

remove your ipv6 entry (or, better)
fix your setup, so your ipv6 works correct.

But I don't know how to do that in Plesk.

Then recheck your domain to see, if there is no Grade T.

Shri18 · August 1, 2019, 10:03am

Thank you for your response. In Plesk DNS setting , I couldn’t see any ipv6 entries. Only ipv4 records are there

JuergenAuer · August 1, 2019, 10:06am

That's only a local, not relevant configuration.

Check your domain setup, Linode is your domain provider. There you have ipv6 AAAA entries.

system · August 31, 2019, 10:07am

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.