You may receive the below error while installing or renewing the Let's Encrypt SSL Certificate on Plesk.
Error: Could not issue a Let's Encrypt SSL/TLS certificate for demovpstest.com Authorization for the domain failed. Details Invalid response from https://acme-v02.api.letsencrypt.org/acme/authz/9_fD4pJYnd6o4DNUxbG0WNtYOOm-G6TeHcz8TN1K9f4. Details: Type: urn:ietf:params:acme:error:unauthorized Status: 403 Detail: Incorrect TXT record "Rq5AN5tnNTHnUNfh2byBWzDZNePjIOcSJDMJYK0ku6A" found at _acme-challenge.demovpstest.com
This issue can occur when you have hosted the Plesk server's website but using the third-party DNS service.
What is the cause of this issue?
While Let's encrypt tries to install or renew the SSL Certificate, it checks for the TXT record at your DNS service, but it can be missing at your third-party DNS, or the TXT record can be incorrect.
How to fix this issue?
- Login to your Plesk panel.
- Go to Websites and Domains > example.com > Click on Let's Encrypt.
- Check the box with the option: Issue a wildcard SSL/TLS certificate. Click on the Install button.
- On the Next page, it will ask you to add the below TXT record. You need to copy and add the TXT record at the third-party DNS service.
- Click on the continue button after adding the TXT record.
- You will receive the below screen after clicking on the continue button.