Symptoms
-
Unable to issue/renew a Let’s Encrypt certificate:
PLESK_ERROR: Error: Could not issue a Let’s Encrypt SSL/TLS certificate for example.com.
Your domain in Plesk is hosted on the IP address(es): , but the DNS challenge used another IP address: 203.0.113.3.
Please check the actual DNS zone of your domain and make sure that the IP addresses in the DNS zone and for the hosting are the same.
Details
Invalid response from https://acme-v01.api.letsencrypt.org/acme/authz/5B8TL2C3swolx5XyBM871hgUwlQlx_JBAMfuOB3pqOQ.
Details:
Type: urn:acme:error:unauthorized
Status: 403
Detail: Invalid response from http://example.org/.well-known/acme-challenge/PQkwA_59YpHBN7kC2NcUHkaBX2Z8F1GI0QEnxnP81k8: ”
<!DOCTYPE html PUBLIC “-//W3C//DTD XHTML 1.0 Transitional//EN” “http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd”> -
Domain points to another IP address globally:
# dig +short example.com
203.0.113.4 - In Tools & Settings > IP Addresses a different IP address is set (
203.0.113.3
)
Cause
Internal IP address of the domain is not mapped to an external one.
Resolution
- Log in to Plesk.
- Go to Tools & Settings > IP Addresses >Â 203.0.113.3.
- Specify 203.0.113.4 as the Public IP address and click OK.