Unable to secure a domain and its aliases using Let’s Encrypt. The following error message appears in Plesk:
PLESK_ERROR: Error: Could not issue a Let’s Encrypt SSL/TLS certificate for example.com.
Your domain in Plesk is hosted on the IP address(es): , but the DNS challenge used another IP address: 203.0.113.2.
Please check the actual DNS zone of your domain and make sure that the IP addresses in the DNS zone and for the hosting are the same.
The following entries are found in
/usr/local/psa/admin/logs/panel.logwhen Plesk debug mode is enabled:
WARN [extension/letsencrypt] Cannot get IP addresses for domain 'example2.com': Can not find domain by name 'example2.com'.
DEBUG [extension/letsencrypt] pm_Exception: Can not find domain by name 'example2.com'
Domain alias is resolving to another server. This can be checked using the “nslookup” utility:
# nslookup example.com 22.214.171.124
# nslookup example2.com 126.96.36.199
Aliases are resolving to a different server.
Point DNS records of aliases to the Plesk server on a registrar side, wait for DNS propagation to be completed and secure the domain and alias;
Log into Plesk
Go to Domains > example.com > Let’s Encrypt
example2.comfrom the Select the domain aliases to secure section:
Additionally, it is possible to enable Synchronize DNS zone with the primary domain option at Domains > example2.com to keep the DNS records synchronized between the domain and its alias.