Plesk - Let's Encrypt SSL certificate installation failed

Until yesterday I had no problems settings Let’s encrypt for any domain in my plesk panel. I’ve set up for about 30 but yesterday I had some problems. After waiting to Let’s Encrypt solved some problems with the server I started to get this messages with two new domains I’ve created in Plesk.

Error: Let’s Encrypt SSL certificate installation failed: Challenge marked as invalid. Details: Could not connect to domain.tld

It shows the same error in both domains. It’s strange because I didn’t change nothing since the last time unless the regular plesk updates. Help ?

hi @xcrap

Have you tried again?

Plesk develops their own plugin and most people on this forum may not be able to assist as it is an obfuscated source code.

I suggest posting this issue on the Plesk forums or to Plesk support.

Andrei

Yes and it’s still not working. I asked here because no changes were made in the web server and everything worked fine until last weekend, but it’s possible that a plesk update have made some interference. I’ll try to search deeper.

I had the same error.
The problem in my case was that the domain was not accessible via ipv6.

In the past the connection seemed to be made with ipv4.

I’ve disabled ipv6 but still get the same error.

My hosting provider said it was because of cloudflare, but I always could connect cloudflare with Let’s Encrypt for the already 30 domains I had. I’ve disabled cloudflare, try it again after waiting for some hours but with cloudflare disabled I have exactly the same error.

Checking the log files I got this.

AH01909: RSA certificate configured for azoresforrent.pt:443 does NOT include an ID which matches the server name

Any idea of what this means ?

Yes, it means that the web server has not been correctly configured to use your certificate.

That certificate exists—it was issued successfully earlier today

https://crt.sh/?id=142871115

but the web server somehow doesn’t know that it should be using it.

I do believe that the original certificate issuance problems you had might have related to IPv6 because Let’s Encrypt changed its practices just last week to always use IPv6 for validations when possible, and your site has both an IPv6 and an IPv4 address, so the default validation method would have changed recently. But the specific error that you see now (“RSA certificate […] does NOT include an ID”) is seemingly not a direct result of this change, because the certificate was successfully issued.

I agree with @ahaw021 that it’s difficult for us to provide support for Plesk because so far there are no Plesk developers participating in this forum. You might be able to get better support on a Plesk-specific forum.

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.