Passing HTTP Challenge on Plesk

Could it be that if the challenge reads the file with the token it expects plain text and therefore it cannot proceed?

I can load a text-file without problems from directory /.well-known/acme-challenge/textfile.txt
when however I want to load the file with the token I get the question what to do with this binairy file although I just generated a textfile in Plesk.

I tried the manual way, with "certbot certonly --manual . . . " on my local machine. And I tried the plugin in Plesk the error is the same.

I run a combination of apache/nginx.

Regards,
Jan

Hi @janvl

Unfortunately your question is hard to follow.

What is it that you are trying to say.

Plesk also have their own LetsEncrypt plugin - have you tried using that?

https://ext.plesk.com/packages/f6847e61-33a7-4104-8dc9-d26a0183a8dd-letsencrypt

Andrei

Thanks Andrei,

I have used certbot as a standalone programm on my linux desktop te generate certs that I uploaded to the server.

After that I have installed the letsencrypt plugin in Plesk 12.5 which makes things a lot easier.

Now I needed to generate a certificate and it did not work on this server, I oversaw that the service was down, the 504 error.

Now the service is there again I tried the plugin but get an authorise error (404) with the acme-challenge.
So I tried generating from my desktop and get the same authorise error.
I put a text-file in /.well-known/acme-challenge which can be read in the browser.
Trying to load the file with the token in the browser tells me it is a binairy and the browser asks me what to do with it.

On the same server I have generated through the plugin several certs and I guess it broke after the compagny I rent this dedicated server disabled smb (that I have to check out).
I found that one can use ForceType text/plain in Apache I have not tried it yet.

Regards,
Jan

Mit dieser Nginx Anweisung kann ich in den Browser das Token als Plaintext lesen.
Nur ist der Fehler nicht weg.

location ^~ /.well-known/acme-challenge/ {
default_type “text/plain”;
}

Ich bekomme immer noch

Failed authorization procedure. [domain].[tld] (http-01): urn:acme:error:unauthorized :: The client lacks sufficient authorization :: Invalid response from http://[domain].[tld]/.well-known/acme-challenge/V0ULri8T_9ROHquayNG6ywhoDo9v3EmDT4TTzb0Jr8Q: "

404 Not Found . . . . . .

Ich vermute eine Apache-Einstellung aber welche?
Bis vor 2 Monaten hat alles funktioniert, nur nachdem Netbios (smb) als Dienst entfernt war scheint es nicht mehr zu funktionieren, scheint mir aber unlogisch.

MfG
Jan

Sind Sie sicher, dass die Datei unter die bestimmte URL verfügbar ist? Zum Beispiel sollte certbot --manual eine URL zeigen, wo die Datei verfügbar sein muss. Diese URL ist auch die gleiche (mindestens hoffen wir, dass sie die gleiche ist!) URL woher die Zertifierungsstelle das Token eventuell herunterladen versucht. Deshalb ist sie die gleiche URL, die Sie im Fehlerhinweis finden.

Normalerweise zeigt certbot --manual das Folgende:

Make sure your web server displays the following content at
{uri} before continuing:

{validation}

Also meine Frage ist, ob der Browser das Token in dieser bestimmten URL findet und ob er es herunterladen/zeigen kann bevor Sie im certbot --manual fortfahren.

Das Problem ist gelöst.

Irrtümlich war der Domain nicht unter IPv6 erreichbar, alles funktioniert wie normal wenn das erledigt war.
Mein Hoster hat mich geholfen.

Ach jee, ich sehe dass ich halbwegs auf deutsch umgeschaltet bin.

For those that do not speak german.
The site was not reachable under IPv6, after that was corrected all is functioning as usual.

PS a big thanks to this community for Letsencrypt and for explaining with a lot of patience to those that are new to the subject.

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.