Could not obtain directory: cURL error 6: Could not resolve host: acme-v01.api.letsencrypt.org; Name or service not known


#1

I can’t install the SSL for plesk protection. I use a dedicated url root.pixelcreative.it for the access of my cloud server.
Help me please.

My domain is:

I ran this command: let’s encrypt plesk extension

It produced this output: Could not obtain directory: cURL error 6: Could not resolve host: acme-v01.api.letsencrypt.org; Name or service not known

My web server is (include version): CentOS 7.x 64bit - Plesk Onyx

The operating system my web server runs on is (include version): CentOS 7.x 64bit

My hosting provider, if applicable, is:

I can login to a root shell on my machine (yes or no, or I don’t know): yes

I’m using a control panel to manage my site (no, or provide the name and version of the control panel): plesk onyx 17.8.11


#2

Hi @pixelcreative,

Can you ping the ACME API endpoint with this command?

ping acme-v01.api.letsencrypt.org

Can you resolve other DNS domain names on your server? Can you connect to any other Internet hosts by name using any commands on the command line?


#3

Sorry but I’m a beginner. I ran the comand, this is the response of the server:

PING e14990.dscx.akamaiedge.net (23.12.90.220) 56(84) bytes of data.
64 bytes from a23-12-90-220.deploy.static.akamaitechnologies.com (23.12.90.220): icmp_seq=1 ttl=54 time=7.29 ms
64 bytes from a23-12-90-220.deploy.static.akamaitechnologies.com (23.12.90.220): icmp_seq=2 ttl=54 time=7.27 ms
64 bytes from a23-12-90-220.deploy.static.akamaitechnologies.com (23.12.90.220): icmp_seq=3 ttl=54 time=7.34 ms
64 bytes from a23-12-90-220.deploy.static.akamaitechnologies.com (23.12.90.220): icmp_seq=4 ttl=54 time=7.38 ms
64 bytes from a23-12-90-220.deploy.static.akamaitechnologies.com (23.12.90.220): icmp_seq=5 ttl=54 time=7.25 ms
64 bytes from a23-12-90-220.deploy.static.akamaitechnologies.com (23.12.90.220): icmp_seq=6 ttl=54 time=7.34 ms
64 bytes from a23-12-90-220.deploy.static.akamaitechnologies.com (23.12.90.220): icmp_seq=7 ttl=54 time=7.31 ms
64 bytes from a23-12-90-220.deploy.static.akamaitechnologies.com (23.12.90.220): icmp_seq=8 ttl=54 time=7.30 ms
64


#4

@jsha any ideas about whether this is a CDN issue, a Plesk issue, or a server DNS configuration issue?

@pixelcreative, could you also try this command?

curl https://acme-v01.api.letsencrypt.org/directory


#5

{
“key-change”: “https://acme-v01.api.letsencrypt.org/acme/key-change”,
“meta”: {
“caaIdentities”: [
letsencrypt.org
],
“terms-of-service”: “https://letsencrypt.org/documents/LE-SA-v1.2-November-15-2017.pdf”,
“website”: “https://letsencrypt.org
},
“new-authz”: “https://acme-v01.api.letsencrypt.org/acme/new-authz”,
“new-cert”: “https://acme-v01.api.letsencrypt.org/acme/new-cert”,
“new-reg”: “https://acme-v01.api.letsencrypt.org/acme/new-reg”,
“r86q-WD7x4M”: “Adding random entries to the directory”,
“revoke-cert”: “https://acme-v01.api.letsencrypt.org/acme/revoke-cert
}


#6

That’s weird because that should be the same thing that Plesk is trying to do! (Could you try it a second time in Plesk, then?)


#7

the same error:

Errore: Could not issue a Let’s Encrypt SSL/TLS certificate for root.pixelcreative.it.
Details
Could not obtain directory: cURL error 6: Could not resolve host: acme-v01.api.letsencrypt.org; Name or service not known (see http://curl.haxx.se/libcurl/c/libcurl-errors.html)


#8

@pixelcreative: Do you have shell access to your Plesk instance? When you ran the curl and ping commands, did you run them on your laptop, or in an SSH shell on your Plesk instance?


#9

I run the commands on my laptop


#10

Oh, we want to see the results of running those commands on your server rather than on your laptop.


#11

sorry but I think that I don’t understand. I ran the commands via ssh with terminal of my mac os x


#12

Your laptop has a shell prompt and your server also has a shell prompt (which you access via ssh). Which shell prompt was displayed when you typed the command?


#13

Here’s an example command that you can run in your laptop terminal, that will run curl inside an SSH session:

ssh root.pixelcreative.it curl https://acme-v01.api.letsencrypt.org/directory

(Note: You may need to substitue ssh root@root.pixelcreative.it or however you normally run SSH)


#14

I ran the comand:

% Total % Received % Xferd Average Speed Time Time Time Current
Dload Upload Total Spent Left Speed
0 0 0 0 0 0 0 0 --:–:-- --:–:-- --:–:-- 0{
“key-change”: “https://acme-v01.api.letsencrypt.org/acme/key-change”,
“mAHHlep5UQQ”: “Adding random entries to the directory”,
“meta”: {
“caaIdentities”: [
letsencrypt.org
],
“terms-of-service”: “https://letsencrypt.org/documents/LE-SA-v1.2-November-15-2017.pdf”,
“website”: “https://letsencrypt.org
},
“new-authz”: “https://acme-v01.api.letsencrypt.org/acme/new-authz”,
“new-cert”: “https://acme-v01.api.letsencrypt.org/acme/new-cert”,
“new-reg”: “https://acme-v01.api.letsencrypt.org/acme/new-reg”,
“revoke-cert”: “https://acme-v01.api.letsencrypt.org/acme/revoke-cert
100 658 100 658 0 0 1973 0 --:–:-- --:–:-- --:–:-- 1970
[root@pixelcreative ~]#


#15

This might be a long shot, but depending what mode PHP is run in, after some packages updates (libcurl, libc), DNS resolution may begin to fail when using PHP’s curl functions, unless services are restarted to re-link all of the libraries.

You can test this by restarting Plesk’s services and any web servers that it runs. If you don’t know how to do that, a full server reboot will do the same thing, but of course all the sites would go down for some time.

Edit: turns out this is already reported and documented: https://support.plesk.com/hc/en-us/articles/360004139594-cURL-error-6-Could-not-resolve-host-example-com-Name-or-service-not-known


#16

I already restart the server, how says this post:

but the problem persist


#17

Did it help? Did you restart the php-fpm(s), in particular, as well?


#18

I restart via plesk, not in shell


#19

I think it is most likely that something was not restarted, since from the earlier commands you ran, we know DNS is functioning fine, and that the issue was documented by Plesk just today.

If you can try each of the shell commands listed and try again, or a full reboot, it would help rule it out.


#20

Thank you for support. After complete restart the install of certificate has been installed correctly.