Error creating certificate for *.domain.net

Please fill out the fields below so we can help you better. Note: you must provide your domain name to get help. Domain names for issued certificates are all made public in Certificate Transparency logs (e.g. https://crt.sh/?q=example.com), so withholding your domain name here does not increase secrecy, but only makes it harder for us to provide help.

Hi, i’m not able to renew certificate for domain. I have a wp multisite configured on https://cittanet.net

i had to do a manual renew because plesk doesn’t support automatic renew and i never had no problem till yesterday.

when i try to renew i got this error from plesk:

Invalid response from https://acme-v02.api.letsencrypt.org/acme/order/XXXXXXXXXX/MYID.
Details:
Type: urn:ietf:params:acme:error:malformed
Status: 404
Detail: No order for ID MYID

what can i do to solve this problem?

My domain is: cittanet.net and *.cittanet.net

I ran this command: no command run, i use plesk

It produced this output:

My web server is (include version): Apache

The operating system my web server runs on is (include version): CentOS 6.10 (Final)‬

My hosting provider, if applicable, is:

I can login to a root shell on my machine (yes or no, or I don’t know): no

I’m using a control panel to manage my site (no, or provide the name and version of the control panel): Plesk Onyx 17.8.11

The version of my client is (e.g. output of certbot --version or certbot-auto --version if you’re using Certbot):

Hi @cittanet

sounds like an internal Plesk problem. So you have three options:

  • Try it again, may be the problem is gone
  • it’s a (hidden) Plesk bug. Then the plesk forum may help.
  • Or it’s a problem of your Plesk configuration -> ask your hoster

Checking your domain ( https://check-your-website.server-daten.de/?q=cittanet.net ):

Your certificate has two domain names:

CN=cittanet.net
	15.05.2019
	13.08.2019
5 days expired	
*.cittanet.net, cittanet.net - 2 entries

But there is only one TXT entry:

To create one certificate with these two domain names, two entries _acme-challenge.cittanet.net with different values are required.

Looks like a broken validation. Perhaps remove that entry manual, then try it again.

1 Like

Hi JuergenAuer thanks for your reply!!

I just tried to renew it again but i got the same error :frowning:
I don’t think it is a plesk error because i always renewed it, at least for 4 or 5 times (it expires every 3 months)
i already asked my hoster and they replied me that it is a problem ho let’s encrypt servers… but i don’t think it is the truth so i wrote here :slight_smile:

In the past i used to:

  • renew certificate of cittanet.net
  • change the dns txt values for cittanet.net copying value from plesk message
  • confirm certificate renew
  • manually add a new certificate for *.cittanet.net copying data from cittanet.net certificate

now i want to try your method, where can i find TXT values to create the certificate with the two domain names? plesk doesn’t give me that values because i cannot renew it :frowning:

Hi cittanet,
I’ve got the same problem since this morning on french OVH VPS ubuntu 16 with plesk onyx 17.8.11.
Are you on OVH VPS too ?
I also opened a ticket on plesk forum but for the moment I’ve got no idea about where does it come from.

My domain gites-ardeche.fr

{
  "type": "urn:ietf:params:acme:error:malformed",
  "detail": "No order for ID <number>",
  "status": 404
}

I tried to delete acme entry in my DNS, to delete the previous certificate, restart the server… without sucess.
I don’t know where does it come from and my domain name has no more certificate.

Could anybody help us please.

Hi, no my server is near Rome and domain is registered with a company of Pescara (my city)

Hope this can help :

It worked for me.
Bye.

2 Likes

Thanks @Zefyx - so it’s something like a bug in Plesk.

That

Previous attempt to install a Let’s Encrypt certificate failed for some reason. As a result, the Let’s Encrypt extension tries to finalize an order without actually having fulfilled the required authorizations.

says, that older orders are used instead of creating a new order.

it worked for me too! Thanks!! :smiley:

1 Like

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.