Could not issue/renew Let`s Encrypt certificates

Please fill out the fields below so we can help you better. Note: you must provide your domain name to get help. Domain names for issued certificates are all made public in Certificate Transparency logs (e.g. crt.sh | example.com), so withholding your domain name here does not increase secrecy, but only makes it harder for us to provide help.

My domain is:opendoorcolchester.co.uk

I ran this command: This was an error response to, presumably, an automatic attempt to renew the certificate. We received an email from Proserve/Plesk showing the error. We have moved the hosting from Proserve/Plesk to Wix. The email server remains with Proserve/Wix. All this is well beyond my skill level so all help to resolve will be gratefully received. Wix IP is 23.236.62.147. Proserve/Plesk IP is 83.169.6.131

It produced this output:

Plesk https://www.plesk.com/

Could not secure domains of Peter Dale (login slewis) with Let`s

Encrypt certificates. Please log in to Plesk and secure the domains

listed below manually.

Securing of the following domains has failed:

The following domains have been secured without some of their Subject

Alternative Names:

Could not renew Let`s Encrypt certificates for Peter Dale (login

slewis). Please log in to Plesk and renew the certificates listed

below manually.

Renewal of the following Let`s Encrypt certificates has failed:

• 'Lets Encrypt opendoorcolchester.co.uk' [days to expire: 29] [-]

opendoorcolchester.co.uk [-] webmail.opendoorcolchester.co.uk [-]

www.opendoorcolchester.co.uk http://www.opendoorcolchester.co.uk

Invalid response from

https://acme-v02.api.letsencrypt.org/acme/authz-v3/5832318854.

Details:

Type: urn:ietf:params:acme:error:unauthorized

Status: 403

Detail: Invalid response from

http://opendoorcolchester.co.uk/.well-known/acme-challenge/JkZPsToDkkK

Pmeg0YwLRVGPPvcQ1nUPLvEMbzKIE5QM

The following Let`s Encrypt certificates have been renewed without

some of their Subject Alternative Names:

Legend:

[+] This domain is secure. The domain's SSL/TLS certificate from Let`s

Encrypt has been issued/renewed.

[-] This domain is not secure. Either the domain's SSL/TLS certificate

from Let`s Encrypt could not be issued/renewed or the domain name was

excluded from the certificate. Renew the certificate manually or

request a new one to secure this domain.
My web server is (include version): Don't know where can i find this?

The operating system my web server runs on is (include version):

My hosting provider, if applicable, is Wix

I can login to a root shell on my machine (yes or no, or I don't know): I can on Proserve/Plesk but would need to work it out for Wix

I'm using a control panel to manage my site (no, or provide the name and version of the control panel): I am on Proserve/Plesk but would need to work it out for Wix

The version of my client is (e.g. output of certbot --version or certbot-auto --version if you're using Certbot): Don't know where can i find this?

Hi @OpenDoor

the www version is a Wix-hosted domain. So you have to use the integrated Wix-Solution to create a certificate, not Plexk. Plesk can't create the validation file if it's a Wix-hosted domain.

So the not working result is expected.

JuergenAs mentioned in my original request all this is beyond my skill set. I’d worked out the error was due to us changing the hosting to Wix but I don’t know how to resolve the problem. Any guidance you can give me to help me create the validation file with Wix would be very much appreciated

Regards
Graham on behalf of Open Door

As far as I know, Wix is a hosting provider, correct? Not a control panel by itself (the name “Wix”)? It might be they have their own custom control panel though, I have no idea.

In any case, @JuergenAuer is correct: you’d need to use the Wix control panel to enable Let’s Encrypt on the Wix systems, not on the original Plesk control panel from your previous host. Luckily that’s already the case.

Also, I’m not sure what the issue is here? Your site has TLS enabled through a Let’s Encrypt certificate as we speak. The fact your original hoster is still trying to generate certificates is an error on their part or perhaps on your part if you still have the site enabled on your old hosting provider, while the site isn’t formally used there.

Your www version has a valid certificate. Wix has an integrated and working Letsencrypt client.

Valid until 23.9.2020, there is no problem visible.

PS: You are not the first user with a Wix-domain.

Juergen

Thanks for the update. What happens on 23.9.2020, will i see the same error message again as i still don’t know how to fix the problem. Can i ignore this error message from Proserve/Plesk.
Regards
Graham on behalf of OpenDoor

If that error message is not from Wix, you can ignore it. Or even better: make sure your old hosting provider doesn't try to issue any certificate any further, because it won't work. (Because your site isn't hosted there any longer.)

Letsencrypt certificates normally renewed 30 days before expiration. So check your domain 10 - 15 earlier to see, if there is a new certificate.

And the Proserve/Plesk-error is completely unrelevant if you use Wix.

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.