Knowledge Base

Unable to issue or renew a Let’s Encrypt SSL certificate for webmail in Plesk: 403 unauthorized

Symptoms

Unable to issue or renew a Let’s Encrypt SSL certificate for webmail.example.com at Plesk > example.com > Let’s encrypt > selecting the Secure webmail on this domain checkbox. The following warning is shown
PLESK_WARN: Invalid response from https://acme-v02.api.letsencrypt.org/acme/authz/mrkuES5ApWYKJEBElh47Ynxp03JmsjoKyADWUO0jbqA.
Details:
Type: urn:ietf:params:acme:error:unauthorized
Status: 403
Detail: Invalid response from https://webmail.example.com/.well-known/acme-challenge/CYt1tP_7l1JsJVWy9iRBN7bCl8PyJyx8lVlSQis9F6c [203.0.113.2]: “<html>rn<head><title>404 Not Found</title></head>rn<body bgcolor=”white”>rn<center><h1>404 Not Found</h1></center>rn<hr><center>”

Repeating the above steps issues or renews the SSL certificate successfully.

Cause

Let’s Encrypt extension bug EXTLETSENC-694 which will be fixed on future product updates.

Resolution

As a workaround, perform the process twice to successfully issue or renew the SSL certificate for the webmail:

Log into Plesk;
Go to Domains > example.com > Let’s Encrypt
Select the Secure webmail on this domain checkbox and click on Renew or OK.

Related Posts

How to Choose the Right Domain Name for your eCommerce Business

SSL Certificates and Web Security – A Guide

Strengthening PHP settings in Obsidian and the new PHP Composer

Knowledge Base

Unable to install a Let’s Encrypt certificate: User account ID doesn’t match account ID in authorization

Unable to cancel a Let’s Encrypt order on SSLIt! in Plesk: Integrity constraint violation: 19 NOT NULL constraint failed: OrderAttribute.value

Let’s Encrypt notification are still sent after a domain was deleted in a server with Plesk

Automatic Let’s Encrypt Certificate renewal for securing Plesk fails: empty domain name