Trouble renewing certificate for

Please fill out the fields below so we can help you better. Note: you must provide your domain name to get help. Domain names for issued certificates are all made public in Certificate Transparency logs (e.g., so withholding your domain name here does not increase secrecy, but only makes it harder for us to provide help.

My domain is:

I ran this command:
Via Plesk - renew certificate

It produced this output:
Error: Could not issue a Let’s Encrypt SSL/TLS certificate for .

Your domain in Plesk is hosted on the IP address(es): , but the DNS challenge used another IP address: .
Please check the actual DNS zone of your domain and make sure that the IP addresses in the DNS zone and for the hosting are the same.

Invalid response from
Type: urn:acme:error:unauthorized
Status: 403
Detail: Invalid response from “<!DOCTYPE HTML PUBLIC “-//IETF//DTD HTML 2.0//EN”>
<title>404 Not Found</title>
<h1>Not Found</h1>

My web server is (include version):
Linux & Plesk Oynx

The operating system my web server runs on is (include version):
Ubuntu 16.04

My hosting provider, if applicable, is:

I can login to a root shell on my machine (yes or no, or I don’t know):
I don’t know - I tend to use GUI and avoid root unless absolutely neccessary

I’m using a control panel to manage my site (no, or provide the name and version of the control panel):
Plesk Onyx

Other domains on the same server, with the same IP are renewing just fine - it’s only this domain that seems to be having the problem.

Thanks in advance for your help

Hi @jmgraphicdesign

you have one certificate with four domain names:;include_subdomains:false;

But has another ip address ( ). So Certbot / Plesk cannot create the validation file there.

If the uses another server, you should create a certificate only with the two domain names

1 Like

Thank you so much - yes you’re right, I hadn’t realised the alias was still pointing to the old server!

I wouldn’t have picked up on this myself, thanks for checking and pointing it out - I changed the ip for the alias and it worked straight away :slight_smile:

1 Like

Yep, now;include_subdomains:true;

there is new new certificate.

Created today, not visible at 18:25 :wink: And already installed -

A post was split to a new topic: Renewing the certificate on

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.