Hi I tried to reissue a certificate in plesk and it just errors out with a curl error.
It might be our IP is on your blocklist for some reason?
The ip is: 145.131.3.230
Edit: sorry its Curl error 56
Hi I tried to reissue a certificate in plesk and it just errors out with a curl error.
It might be our IP is on your blocklist for some reason?
The ip is: 145.131.3.230
Edit: sorry its Curl error 56
https://curl.se/libcurl/c/libcurl-errors.html
CURLE_SSL_CONNECT_ERROR (35)
A problem occurred somewhere in the SSL/TLS handshake. You really want the error buffer and read the message there as it pinpoints the problem slightly more. Could be certificates (file formats, paths, permissions), passwords, and others.
Does your server have ISRG Root X1
in its keystore? Certificate Compatibility - Let's Encrypt
Try running
openssl s_client -quiet -verify 10 -connect acme-v02.api.letsencrypt.org:443
CURLE_RECV_ERROR (56)
Failure with receiving network data.
Uhm.
Thanks. I have made a mistake on the error code.
The openssl command returns this:
openssl s_client -quiet -verify 10 -connect acme-v02.api.letsencrypt.org:443
depth=2 C = US, O = Internet Security Research Group, CN = ISRG Root X1
verify return:1
depth=1 C = US, O = Let's Encrypt, CN = R3
verify return:1
depth=0 CN = acme-v02.api.letsencrypt.org
verify return:1
So the certificate is fine and you can connect to the ACME endpoint.
Now try:
curl -iL https://acme-v02.api.letsencrypt.org/directory
That returns this:
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 21 Mar 2022 11:07:21 GMT
Content-Type: application/json
Content-Length: 658
Connection: keep-alive
Cache-Control: public, max-age=0, no-cache
X-Frame-Options: DENY
Strict-Transport-Security: max-age=604800
{
"A6kIuX1nBIo": "Adding random entries to the directory",
"keyChange": "https://acme-v02.api.letsencrypt.org/acme/key-change",
"meta": {
"caaIdentities": [
"letsencrypt.org"
],
"termsOfService": "https://letsencrypt.org/documents/LE-SA-v1.2-November-15-2017.pdf",
"website": "https://letsencrypt.org"
},
"newAccount": "https://acme-v02.api.letsencrypt.org/acme/new-acct",
"newNonce": "https://acme-v02.api.letsencrypt.org/acme/new-nonce",
"newOrder": "https://acme-v02.api.letsencrypt.org/acme/new-order",
"revokeCert": "https://acme-v02.api.letsencrypt.org/acme/revoke-cert"
So the problem is not with your server, nor your network, nor Let's Encrypt: plesk is messing up or something else (a firewall?) is interfering with it.
And I don't know plesk. Sorry. I hope somebody else here knows more.
This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.