Plesk & SocialBee have teamed up. Save 30% now!

Get the Deal

Knowledge Base

Unable to issue a Let’s Encrypt certificate: The token file is either unreadable or does not have the read permission

 
301 redirectapplications extensionsdnsdomainsfile manager

Applicable to:

  • Plesk for Linux
  • Plesk for Windows

Symptoms

  • Installation of a Let's Encrypt certificate fails with one of the following error message in Plesk UI:

    The authorization token is not available at http://example.com/.well-known/acme-challenge/Ab87T7gZtQeJBq0C2I44O9egoe-WXTTlE-hBmdvDCHM.
    The token file 'С:Inetpubvhostsexample.com.well-knownacme-challengeAb87T7gZtQeJBq0C2I44O9egoe-WXTTlE-hBmdvDCHM' is either unreadable or does not have the read permission.

    Detail: Fetching https:/example.com/.well-known/acme-challenge/zQgf775Mm4z72VrrSybdlS725tk1IuSTrrwBaEoqzOg: **Error getting validation data

    Could not issue an SSL/TLS certificate for example.com
    Details
    Could not issue a Let's Encrypt SSL/TLS certificate for example.com. Authorization for the domain failed.
    Details
    Invalid response from https://acme-v02.api.letsencrypt.org/acme/authz-v3/1708718328.
    Details:
    Type: urn:ietf:params:acme:error:connection
    Status: 400
    Detail: Fetching https://www.example.com/.well-known/acme-challenge/8DdIKX257k6Dih5s_saeVMpTnjPJdKO5Ase0OCiJrIw: Timeout during connect (likely firewall problem)

  • The option Permanent SEO-safe 301 redirect from HTTP to HTTPS is enabled in Domains > example.com > Hosting & DNS tab > Hosting Settings.

Cause

Rewrite rules to HTTPS prevent issuing of the Let's Encrypt certificate.

Resolution

  1. Log into Plesk

  2. Go to Domains > example.com > File Manager and remove the .well-known directory

  3. Temporarily disable the option Permanent SEO-safe 301 redirect from HTTP to HTTPS in Domains > example.com > Hosting & DNS Settings tab > Hosting Settings:

  4. Disable custom redirect rules:

    for Linux:
    • Rename .htaccess file into .htaccess.orig: Open Domains > example.com > File Manager > Click next to the .htaccess file > click Rename
    for Windows:
    • Rename web.config file into web.config.orig: Open Domains > example.com > File Manager > Click next to the web.config file > click Rename

    • Connect to the server via RDP and disable all HTTP<->HTTPS rules in IIS Manager at Server > Sites > example.com > URL Rewrite:

  5. Install a Let's Encrypt certificate at Domains > example.com > SSL/TLS Certificates

 

 

Read the full article
Related Posts
Knowledge Base

Hosting Wiki

Industry
Partners

industry-partner_ALIBABA
industry-partner_GOOGLEPARTNER
industry-partner_MICROSOFT
industry-partner_REDHAT-r2
industry-partner_ALIBABA
industry-partner_AUTOMATTIC
industry-partner_AWS
industry-partner_DIGITALOCEAN
industry-partner_SCALEWAY

Follow us:

Facebook Twitter Linkedin Youtube Github

© 2024 WebPros International GmbH. All rights reserved. Plesk and the Plesk logo are trademarks of WebPros International GmbH.

Managed with love with Plesk WP Toolkit