Symptoms
- Unable to secure webmail in Plesk in Domains > example.com > SSL/TLS Certificates > Let's Encrypt if site example.com is hosted on another server:
An SSL / TLS certificate could not be issued for example.com.
Details An SSL / TLS Let's Encrypt certificate could not be requested for example.com.
Go to http://example.com/.well-known/acme-challenge/pt7YtTqj1HCGz2yLqRoRC-LN9SbtSp5v4cJpe0YXkY and check if the authorization token is available.
If it is, try requesting the certificate again. If not, there may be a problem with your DNS settings.
Your domain in Plesk is hosted at the following IP addresses: 203.0.113.2 although the DNS task used another IP: 203.0.114.3.
Check that the IP addresses listed in the domain's DNS zone match the IP addresses where the domain is hosted.
If this is of no use to you or you cannot detect what is wrong with your DNS settings, check out this article from our knowledge base - Webmail may be secured already, but main domain that is hosted on another server is still trying to be renewed/installed and is marked the following way in SSLit extension:
Not Secured : The domain is not secured with a valid certificate. A valid certificate will be later automatically issued and installed.
Cause
When SSL/TLS Support is enabled in Domains > example.com > Hosting Settings Let's Encrypt by default tries to issue one certificate that includes example.com and webmail.example.com names.
Since example.com is hosted on another server such certificate can not be issued.
Resolution
Apply one of the following solutions to secure webmail only:
1. Configure Domain as No Hosting
- Log in to Plesk.
- Go to Domains > example.com > Hosting Settings.
- Configure Hosting Type as No web hosting:
Note: it will remove all files from domain.
2. Disable SSL/TLS Support on Domain
- Log in to Plesk.
- Go to Domains > example.com > Hosting Settings.
- Disable the option SSL/TLS Support:
with