Webmail not securing for only one domain

Please fill out the fields below so we can help you better. Note: you must provide your domain name to get help. Domain names for issued certificates are all made public in Certificate Transparency logs (e.g. crt.sh | example.com), so withholding your domain name here does not increase secrecy, but only makes it harder for us to provide help.

My domain is: vanderpoolexcavatingoh.com

I ran this command: Tried to reissue SSL certificate and "Secure webmail on this domain" for vanderpoolexcavatingoh.com. Website is secured but never the domain email

It produced this output: Encountered issues while issuing the certificate for webmail.vanderpoolexcavatingoh.com
Invalid response from https://acme-v02.api.letsencrypt.org/acme/authz-v3/Call 14760156754 14760156754.
Type: urn:ietf:params:acme:error:unauthorized
Status: 403
Detail: Invalid response from http://webmail.vanderpoolexcavatingoh.com/.well-known/acme-challenge/d8_TvJX21uPdVh8JuQ4pUr_4sXob3c2lbeLA4z_7hkI []: "\r\n\r\n\r\n

My web server is (include version): Media Temple. DV Dedicated w/SSDs (CentOS 7)

CentOS Linux 7.9.2009 (Core)

The operating system my web server runs on is (include version): (CentOS 7)

My hosting provider, if applicable, is: Media Temple

I can login to a root shell on my machine (yes or no, or I don't know): I don't know

I'm using a control panel to manage my site (no, or provide the name and version of the control panel): Plesk

The version of my client is (e.g. output of certbot --version or certbot-auto --version if you're using Certbot): unsure

1 Like

Welcome to the Let's Encrypt Community, Elijah :slightly_smiling_face:

The problem is likely due to the panel creating the ACME challenge file under the wrong webroot directory for webmail.vanderpoolexcavatingoh.com. It's probably mistakenly creating it in the webroot directory for vanderpoolexcavatingoh.com. Please share this thread with your hosting provider and have them check under the hood.

1 Like

Is there a working website for the webmail name?
[if not, that is required for PleskLin to use nginx]

You might be able to bypass Plesk and use certbot directly with webroot and certonly ... but:

leaves me with much doubt.

How much access/control do you have over the server at IP ?

1 Like

Well after 7 days of not certifying it finally did. Not sure what buttons I pressed or what happened but everything is fine now. Media Temple was limited on what work they could perform since Lets Encrypt is third party. Thank You for the concerns.


This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.