Search code examples
ssldebianplesklets-encrypt

Lets Encrypt does not sign my domains

I'm running plesk 17 on a debian machine. One certificate could be signed without problems. But then I got this error:

Error: Let's Encrypt SSL certificate installation failed: Failed letsencrypt execution: Saving debug log to /opt/psa/var/modules/letsencrypt/logs/letsencrypt.log
Starting new HTTPS connection (1): acme-v01.api.letsencrypt.org
Obtaining a new certificate
Performing the following challenges:
http-01 challenge for mindmailer.de
http-01 challenge for www.mindmailer.de
Starting new HTTPS connection (1): 127.0.0.1
Waiting for verification...
Cleaning up challenges
Failed authorization procedure. mindmailer.de (http-01): urn:acme:error:unauthorized :: The client lacks sufficient authorization :: Invalid response from http://mindmailer.de/.well-known/acme-challenge/Zg70UTECV4lP-E25ateUev3vsq5nCbX-4L-KUXwUU4I: "<!DOCTYPE html>
<html lang="de" xmlns="http://www.w3.org/1999/xhtml">
<head>

<meta charset="utf-8">
<!--
This website is powe", www.mindmailer.de (http-01): urn:acme:error:unauthorized :: The client lacks sufficient authorization :: Invalid response from http://www.mindmailer.de/.well-known/acme-challenge/rreVCbEY8pX5eaWVMGiZsg2UxNennZfwkHC6WMAJV-Q: "<!DOCTYPE html>
<html lang="de" xmlns="http://www.w3.org/1999/xhtml">
<head>

<meta charset="utf-8">
<!--
This website is powe"
IMPORTANT NOTES:
- The following errors were reported by the server:

Domain: mindmailer.de
Type: unauthorized
Detail: Invalid response from
http://mindmailer.de/.well-known/acme-challenge/Zg70UTECV4lP-E25ateUev3vsq5nCbX-4L-KUXwUU4I:
"<!DOCTYPE html>
<html lang="de" xmlns="http://www.w3.org/1999/xhtml">
<head>

<meta charset="utf-8">
<!--
This website is powe"

Domain: www.mindmailer.de
Type: unauthorized
Detail: Invalid response from
http://www.mindmailer.de/.well-known/acme-challenge/rreVCbEY8pX5eaWVMGiZsg2UxNennZfwkHC6WMAJV-Q:
"<!DOCTYPE html>
<html lang="de" xmlns="http://www.w3.org/1999/xhtml">
<head>

<meta charset="utf-8">
<!--
This website is powe"

To fix these errors, please make sure that your domain name was
entered correctly and the DNS A record(s) for that domain
contain(s) the right IP address.

What could be the problem in this case? DNS A records are on the right ip adress .. Any ideas?

Thanks

Solution

  • You have redirects, which conflicts with the Let's Encrypt - challenge ( => "marketing.mindmailer.de" ) and as you can see in your error - log, Let's Encrypt tries to write to "mindmailer.de/.well-known/acme-challenge/", which is not possible this way.