Renew SSL Cert on GoDaddy Shared Windows - modified Plesk


#1

Please fill out the fields below so we can help you better. Note: you must provide your domain name to get help. Domain names for issued certificates are all made public in Certificate Transparency logs (e.g. https://crt.sh/?q=example.com), so withholding your domain name here does not increase secrecy, but only makes it harder for us to provide help.

My domain is: www.damonjgray.org

My web server is (include version): GoDaddy shared Windows Hosting with modified Plesk administration panel. (I’ll explain “modified” below)

The operating system my web server runs on is (include version): Windows, but I don’t know the version.

My hosting provider, if applicable, is: GoDaddy (I’ll likely drop them in April)

I can login to a root shell on my machine (yes or no, or I don’t know): Well, it’s not Linux, so no “root” but I can FTP to my webroot.

I’m using a control panel to manage my site (no, or provide the name and version of the control panel): GoDaddy has implemented a scaled back version of Plesk for this Shared Windows hosting. True Plesk has Let’s Encrypt support integrated. The GoDaddy version does not. I suspect that is because they want me to buy their SSL Certificate.

Here’s where the issue stands:

  1. I Successfully generated and installed a Let’s Encrypt cert three months ago via ZeroSSL.
  2. About two weeks ago the cert expired so I am attempting to renew it, or replace it. I have the cert request, and ZeroSSL is at the stage of wanting to authenticate my control of the Domain. The file it is looking for is in the .well-known/acme-challenge folder.
  3. With each attempt to contact that file for authentication, I get a 403 error.

I have been attempting to tweak the file and folder permissions for two days now with no luck.
I have generated several different files to see if the issue was with the file itself. No luck.
I have turned off SSL on the site. No luck.

No matter what I try, I get the 403 error. “Forbidden You do not pave permission to access this document.”

Suggestions?


#2

I can’t even access your main domain name …

What are the permissions on your root folder ( for your html files ) ? and do you have any restrictions on access to your main page that you’re aware of ?


#3

Hey serverco - thanks for the astonishingly quick reply.

When I look at the permissions for httpdocs (the webroot) I see the Application Pool Group has Read & Execute, Read, and List Folder Contents permissions.

Seemingly in my attempts to get this to work, I have taken a few steps backward. Up till a couple of days ago, the site was “up” but not secure. Now it appears the entire site is unavailable.

The site is ASP.Net / C#, so the default document is Default.aspx. I have not (knowingly) set any restrictions.


#4

Okay … now I am really confused. I have not even successfully installed the new certificate, but it is working. The site is showing as secure again. What gives??


#5

I’m not sure what changed - at least it’s working though :slight_smile:

Did you make any changes on permisions or anything for it to start working ?


#6

I have a new clue, and it may help others with this same issue. In the Plesk admin panel, under Web Server Settings, I untic’d the checkbox labeled “Require SSL.” That seems counter-intuitive because I want the site totally secured/encrypted. I have an HTTP to HTTPS redirect in my web.config, so that takes care of it, but it makes me curious what is happening behind the scenes with that checkbox.


#7

That checkbox should also create the same redirect you created manually in your web.config file.

It’s possible that IIS gets confused when told to do the same redirection twice. :wink:


#8

OH! Okay, well that makes total sense. Thanks Patches!


#9

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.