Could not issue an SSL/TLS certificate for Details Could not issue a Let's Encrypt SSL/TLS certificate for Authorization for the domain failed

Please fill out the fields below so we can help you better. Note: you must provide your domain name to get help. Domain names for issued certificates are all made public in Certificate Transparency logs (e.g., so withholding your domain name here does not increase secrecy, but only makes it harder for us to provide help.

  • My domain is:

  • I ran this command: upgrade certificate (from plesk) selecting all checks:

Let’s Encrypt is a certificate authority (CA) that allows you to create a free SSL/TLS certificate for your domain. By proceeding you acknowledge that you have read and agree to the Let’s Encrypt Terms of Service. Note: The certificate will be automatically renewed 30 days in advance before its expiration.

:white_check_mark:Email address:

Make sure to use a valid email address to receive important notifications and warnings.

:white_check_mark:Secure the wildcard domain (including www and webmail)


:white_check_mark:Include a “www” subdomain for the domain and each selected alias

:white_check_mark:Secure webmail on this domain

:white_check_mark:Assign the certificate to mail domain


Get it free

  • It produced this output:

Could not issue an SSL/TLS certificate for Details Could not issue a Let’s Encrypt SSL/TLS certificate for Authorization for the domain failed.

  • My web server is (include version):

Plesk Obsidian Web Pro Edition

Version 18.0.29 Update #2

  • The operating system my web server runs on is (include version):

CentOS Linux 7

  • I can login to a root shell on my machine:


  • I’m using a control panel to manage my site (no, or provide the name and version of the controlpanel):


  • The version of my client is (e.g. output of certbot --version or certbot-auto --version if you’re using Certbot):

Let’s Encrypt Version 2.11.1-640 plesk extension

  • Extra: This file contains /usr/local/psa/var/modules/letsencrypt/orders/74a8c674d41b28f7d043f2d2f17b1cdb58e039cd.json




1 Like

I have to ask:
Is your domain really “” ?

1 Like

Of course no, is really needed? If it’s a problem can rewrite the description.

Now there are a real data.

Thanks in advance for your interest.

I guess you didn’t read.

Hi @6sisyon

you want to create a wildcard. So dns validation is required.

And you have selected manual. So do your job and create the required TXT entry.

PS: Checks of your domain, ~~30 minutes old -

There is no TXT entry.

1 Like
  • Please wait while Plesk finishes adding a DNS record with the following parameters:
    Record type: TXT
    Domain name:
    Record: wTOMS3ur2oaM0SEaXdsaPKDIKo7TJLnXFUWyB8i5heg
    To terminate and delete the existing certificate request, click “Cancel”.
    Before clicking “Reload”, make sure that the DNS record was added and can be resolved externally.

  • In my dns settings i have the required TXT entry (Plesk & Godaddy):]( TXT wTOMS3ur2oaM0SEaXdsaPKDIKo7TJLnXFUWyB8i5heg

But doesn’t work…

You don’t. Or better: You have used the not relevant place.


D:\temp>nslookup -type=TXT
Server: UnKnown
primary name server =
responsible mail addr =
serial = 2020082502
refresh = 28800 (8 hours)
retry = 7200 (2 hours)
expire = 604800 (7 days)
default TTL = 600 (10 mins)

is nothing. / is one of your name servers, not that local Plesk.

You must add the entry in your GoDaddy menu.

PS: And “check-your-website” must see the entry / listed in the TXT part.

  • I have the entry: A in my godaddy menu.

  • And i still reciving the same error:

Could not issue an SSL/TLS certificate for

Could not issue a Let’s Encrypt SSL/TLS certificate for . Authorization for the domain failed.


Invalid response from


Type: urn:ietf:params:acme:error:unauthorized

Status: 403

Detail: No TXT record found at

  • I don’t know where the fail is…

There is again no TXT RR. So it can’t work.

Doing the same error again is a little bit curious.

1 Like

The orders says:


Says not:

type “dns-01”
status “invalid”
type “urn:ietf:params:acme:error:unauthorized”
detail “No TXT record found at”
status 403
token “sRc5NiM_DG8m-QwFFIAIi_-YDRh09ROVs_4POX8_RvU”

Same checking your order:

PS: The token is not the required TXT entry.

1 Like

What could be failing? in godaddy I have these registries:

|SOA|@|Main Server:

Not really. Completely wrong.

Why do you think such a configuration should work?

That’s a delegation from to, but these don’t answer.

So the real definition with a duplicated domain name (because the menu adds the domain name) goes to that not existing name server.

Please read

Then it will work. Not earlier.

1 Like

Hi JuergenAuer,

I have checked my “website”, my DNS settings in plesk are:

Host Record type Value TXT o=- TXT TXT v=DMARC1; p=none TXT K0PTtr9Lugm7uXWT5NKFZj_zmYLPn1Tfuo_EuToNAzQ CNAME A TXT v=spf1 +a +mx -all NS MX (10) A NS A A A A CNAME TXT v=DKIM1; p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDEmPpzJDsJmQfggbHqGeers2HCa2IbJsgBfywnPwI6j8NP9XWFwv225/ikEVNgA+8/hoC90QBN5FJYlJ0ycbrqbQDvQmdm0Z3dz7DT88yxH5tAmfO+UCISrcIeZJbxyU/iI0txSFwyLzhVwkL5p+1puaEj7FmnYu4rNa2kpa6lwQIDAQAB;

But the problem still persist, any new idea?

You are doing the wrong things again and again. And you don’t read my 6 days old answer.

Your Plesk is unrelevant.

1 Like

I have read your answer again and again. I have the entry in goddady: /

What should i read exactly?

These entries:

don’t match these entries:  nameserver =  nameserver =

You should remove them.

That entry is “broken”

That entry should not need the “default.” beginning.
Delete it and replace it with the proper name.

Those are NOT your name servers.
Delete them.