Jump to content

Recommended Posts

Posted

We just heard back from Let's Encrypt regarding our rate limit increase request. They have increased our limit even more than we asked for. That means that everyone will be able to get free SSL automatically and easily through Plesk, and when we start offering new accounts they will all come with SSL too. We asked for a rate limit increase a few years ago and Let's Encrypt never even responded to us, so this is amazing news.

  • Like 4
  • Thanks 6
Posted

Hello Krydos, thank you very much for this good news, however, today, I still recieved an email saying that plesk could not renew let's encrypt certificates...

Any clue why ?

 

Cheers

Posted

It's because at some point you changed your www DNS record to

www     14400   IN      CNAME   www.garrigue.heliohost.org.cdn.cloudflare.net.

It was probably the Cloudflare plugin in cPanel that did it. I changed it back to the default and it works now.

  • Like 1
Posted

Hello @krydos, I tried but it still failed.

This is the email I received this morning :

 

Plesk

 

Could not secure domains of garrigue (login garrigue) with Let`s Encrypt certificates. Please log in to Plesk and secure the domains listed below manually.
Securing of the following domains has failed:

** 'juliengarrigue.com' **
Invalid response from https://acme-v02.api.letsencrypt.org/acme/authz-v3/116277823006.
Details:
Type: urn:ietf:params:acme:error:unauthorized
Status: 403
Detail: 2606:4700:3036::ac43:d9af: Invalid response from https://juliengarrigue.com/.well-known/acme-challenge/PYH_FjaBYVH23RLEEJpLXrx8d3QIrpZ3HJmHY9iQGtM: 404

The following domains have been secured without some of their Subject Alternative Names:

<none>

Could not renew Let`s Encrypt certificates for garrigue (login garrigue). Please log in to Plesk and renew the certificates listed below manually.
Renewal of the following Let`s Encrypt certificates has failed:

<none>

The following Let`s Encrypt certificates have been renewed without some of their Subject Alternative Names:

<none>


Legend:
[+] This domain is secure. The domain's SSL/TLS certificate from Let`s Encrypt has been issued/renewed.
[-] This domain is not secure. Either the domain's SSL/TLS certificate from Let`s Encrypt could not be issued/renewed or the domain name was excluded from the certificate. Renew the certificate manually or request a new one to secure this domain.

 

So I have been onto my CPANEL and I tried to manually create a Let's Encrypt SSL Certificate but a new error message appears:

Quote

Could not issue an SSL/TLS certificate for juliengarrigue.com
Details

Could not issue a Let's Encrypt SSL/TLS certificate for juliengarrigue.com.



The juliengarrigue.com DNS zone contains an AAAA record, but the domain is not assigned an IPv6 address in Plesk.

To resolve the issue, either assign an IPv6 address to juliengarrigue.com
("Websites & Domains" > "Web Hosting Access") or remove the AAAA record from the juliengarrigue.com DNS zone.

See the related Knowledge Base article for details.

Details
Invalid response from https://acme-v02.api.letsencrypt.org/acme/authz-v3/116313289426.

Details:

Type: urn:ietf:params:acme:error:unauthorized

Status: 403

Detail: 2606:4700:3034::6815:460a: Invalid response from https://juliengarrigue.com/.well-known/acme-challenge/fxmY4xco2VlJZlmniDFEPob5dfTgKYQYLCU-1WKA00w: 404

I've tried to follow the instructions but I don't have Access to IPV6 settings, neither DNS records. By the way, is it plan, in the future to have access again to this type of settings?

 

Thank you for your help !

 

Best regards,

J

Posted

Oh, I thought you were talking about garrigue.heliohost.org. Since you're using Cloudflare for juliengarrigue.com you have to get SSL from them. The other option is you can use ns1.heliohost.org and ns2.heliohost.org and then Plesk will be able to issue SSL for you.

  • Like 1
Posted

I did what you recommend and let's encrypt is still unable to make an ssl.

Same error message in the mail as my previous post.

Posted

It was a different issue now. Since Plesk doesn't have access to DNS yet you can't issue wildcard SSL certificates. It's the same reason you can't add domains on your own right now. Eventually you will be able to add domains on your own and use wildcard certificates. For now I just issued a regular certificate and it worked fine.

  • Like 1
  • Krydos locked and unlocked this topic
Posted

That's great news, thank's to you Krydos. Thank's also to Letsencrypt. A+

  • Krydos locked this topic
Guest
This topic is now closed to further replies.
×
×
  • Create New...