A Plesk hosted website is not accessible: Error 526 Invalid SSL certificate

Symptoms

• The domain "example.com" hosted in Plesk is not accessible with the following error shown on a web browser:

  Error 526 Invalid SSL certificate

• While accessing using the URL "www.example.com" instead, the website works correctly.

• The website "www.example.com" is using Cloudflare, while "example.com" is resolving to Plesk IP address directly:

  # dig +short example.com @8.8.8.8
  203.0.113.2

  # dig +short www.example.com @8.8.8.8
  www.example.com.cdn.cloudflare.com.
  198.51.100.2

• Unable to issue Let's Encrypt certificate for "example.com":

  Error: Could not issue a Let's Encrypt SSL/TLS certificate for example.com.
  The authorization token is not available at http://example.com/.well-known/acme-challenge/_sJGmwn5GZYcXm8nqwAMKLBvOpBXLaokwCHjby3MvY4.
  To resolve the issue, make sure that the token file can be downloaded via the above URL.

Cause

There is a Cloudflare misconfiguration.

Resolution

• Change the SSL configuration on Cloudflare to "Full" as recommended on this CloudFlare guide, or contact the Cloudflare Support team for further investigation about the source of this error.

Additional information

• Error 526: Invalid SSL certificate