I have a certificate to renew on our web server (it’s running Plesk 12.5.3 and CentOS 6.9) but the site (it’s a Wordpress site) goes through a proxy server (Sucuri). Our domain is pointed to the IP address at Sucuri rather than our actual web server IP address. I understand this is an issue because Let’s Encrypt wants to verify the IP address the domain resolves to. So when I attempt to renew the certificate through Plesk I receive the following error:
Error: Could not issue a Let’s Encrypt SSL/TLS certificate for thedomain.com
The authorization token is not available at http://thedomain.com/.well-known/acme-challenge/IcpQRZQL85enps323luQths_ypP3yB82DTjQA6y9Gak.
To resolve the issue, make it is possible to download the token file via the above URL.
See the related Knowledge Base article for details.
Additional error details:
Invalid response from https://acme-v01.api.letsencrypt.org/acme/authz/ZYDxLv8Okvy0VUxkkUDgRts9p2JfmqGv6wmSXy6bWdw.
Detail: Invalid response from http://thedomain.com/.well-known/acme-challenge/IcpQRZQL85enps323luQths_ypP3yB82DTjQA6y9Gak: "
Is there any way to renew the certificate without having to point the domain back to our web server? I recently took over our web server and site management in the interim while we hire someone that is trained in this (I know how to do some maintenance on the server and our site, but not a lot).