Renew SSL Cert on GoDaddy Shared Windows - modified Plesk

Please fill out the fields below so we can help you better. Note: you must provide your domain name to get help. Domain names for issued certificates are all made public in Certificate Transparency logs (e.g. https://crt.sh/?q=example.com), so withholding your domain name here does not increase secrecy, but only makes it harder for us to provide help.

My domain is: www.damonjgray.org

My web server is (include version): GoDaddy shared Windows Hosting with modified Plesk administration panel. (I’ll explain “modified” below)

The operating system my web server runs on is (include version): Windows, but I don’t know the version.

My hosting provider, if applicable, is: GoDaddy (I’ll likely drop them in April)

I can login to a root shell on my machine (yes or no, or I don’t know): Well, it’s not Linux, so no “root” but I can FTP to my webroot.

I’m using a control panel to manage my site (no, or provide the name and version of the control panel): GoDaddy has implemented a scaled back version of Plesk for this Shared Windows hosting. True Plesk has Let’s Encrypt support integrated. The GoDaddy version does not. I suspect that is because they want me to buy their SSL Certificate.

Here’s where the issue stands:

1. I Successfully generated and installed a Let’s Encrypt cert three months ago via ZeroSSL.
2. About two weeks ago the cert expired so I am attempting to renew it, or replace it. I have the cert request, and ZeroSSL is at the stage of wanting to authenticate my control of the Domain. The file it is looking for is in the .well-known/acme-challenge folder.
3. With each attempt to contact that file for authentication, I get a 403 error.

I have been attempting to tweak the file and folder permissions for two days now with no luck.
I have generated several different files to see if the issue was with the file itself. No luck.
I have turned off SSL on the site. No luck.

No matter what I try, I get the 403 error. “Forbidden You do not pave permission to access this document.”

Suggestions?

I can’t even access your main domain name …

What are the permissions on your root folder ( for your html files ) ? and do you have any restrictions on access to your main page that you’re aware of ?

Hey serverco - thanks for the astonishingly quick reply.

When I look at the permissions for httpdocs (the webroot) I see the Application Pool Group has Read & Execute, Read, and List Folder Contents permissions.

Seemingly in my attempts to get this to work, I have taken a few steps backward. Up till a couple of days ago, the site was “up” but not secure. Now it appears the entire site is unavailable.

The site is ASP.Net / C#, so the default document is Default.aspx. I have not (knowingly) set any restrictions.

Okay … now I am really confused. I have not even successfully installed the new certificate, but it is working. The site is showing as secure again. What gives??

I’m not sure what changed - at least it’s working though

Did you make any changes on permisions or anything for it to start working ?

I have a new clue, and it may help others with this same issue. In the Plesk admin panel, under Web Server Settings, I untic’d the checkbox labeled “Require SSL.” That seems counter-intuitive because I want the site totally secured/encrypted. I have an HTTP to HTTPS redirect in my web.config, so that takes care of it, but it makes me curious what is happening behind the scenes with that checkbox.

That checkbox should also create the same redirect you created manually in your web.config file.

It’s possible that IIS gets confused when told to do the same redirection twice.

OH! Okay, well that makes total sense. Thanks Patches!

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.