Bobcares
Client Area
Emergency Support
Latest | Plesk | Server Management

Misconfiguration of the Common Challenge Directory | Fix-it

by | Feb 11, 2022

Misconfiguration of the Common Challenge Directory can be easily resolved with the help of our experts.

At Bobcares, we offer solutions for every query, big and small, as a part of our Server Management Service.

Let’s take a look at how our Support Team is ready to help customers with the misconfiguration of the Common Challenge Directory.

All About Misconfiguration of the Common Challenge Directory

The Let’s Encrypt certificate is sometimes not issued for a domain in Plesk. We can find the cause behind the issue by taking a look at the error message and studying the symptoms. Let’s Encrypt is a global CA. It allows organizations and people across the globe to obtain, renew as well as manage SSL/TLS certificates. In other words, websites use these certificates to enable secure HTTPS connections. Moreover, Let’s Encrypt also offers DV (Domain Validation) certificates.

Misconfiguration of the Common Challenge Directory

In this particular scenario, we won’t be able to issue a Let’s Encrypt certificate at Domains > example.com > SSL/TLS Certificates > Get it free. It results in the following error:

Could not access the following file or directory: 'C:\Program Files (x86)\Plesk\var\acme-challenge/web.config'.
Please make sure that the domain's system user has read and write access to this file or directory.
The authorization token is not available at http://example.com/.well-known/acme-challenge/qgU4e7ba4V7Tk69t4hYIYm09LJHktMaJIhPIngrOYFM.
To resolve the issue, make sure that the token file can be downloaded via the above URL.

Additionally, we will also come across the following message in the %plesk_dir%admin\logs\php_error.log file:

DEBUG [extension/sslit] Invalid response from https://acme-v02.api.letsencrypt.org/acme/authz-v3/5298134528.
Details:
Type: urn:ietf:params:acme:error:unauthorized
Status: 403
Detail: Invalid response from http://example.com/.well-known/acme-challenge/ABCdE012_DRzM2ChDDWcqHwjZ5FORmnopq543210XYZ
[203.0.113.2]: "\r\n<html
xmlns="http"
INFO [extension/sslit] The count of the notifications which are waiting
to be sent: 143.

Furthermore, another noticeable symptom is being unable to secure or renew the Let’s Encrypt certificate in Tools & Settings > SSL & TLS certificates:

Could not request a Let's Encrypt SSL/TLS certificate for hostname.com
Go to http://hostname.com/.well-known/acme-challenge/HNYz-pKf-JtRgX-1gIFl2VrK2inUQs2uwIPWJuYnN3g and сheck if the authorization token is available.
If it is, try to request the certificate again. If the token is not available, there may be an issue with your DNS configuration.
Your domain in Plesk is hosted on the IP address(es): , but the DNS challenge used another IP: 203.0.113.2

How to Resolve Misconfiguration of the Common Challenge Directory

  1. First, connect to the server with the help of RDP.
  2. Then, head to IIS > Sites > Find the Default Web Site site >. If the website is not present, we can click Add Website… then add the following information and enter OK:
      • Site name: Default Web Site
      • Application pool: DefaultAppPool
      • Binding type: http
      • Physical path: %plesk_vhosts%default\htdocs
      • Hostname: <EMPTY>
      • IP address: All Unassigned
      • Port: 80
      • Start Website immediately: Enabled
  3. Then, head to IIS > Sites > Find the acme-challenge site > and delete it by right-clicking on it and finally select Remove.
  4. After that, copy %plesk_dir%etc\acme-challenge.config file to %plesk_dir%var\acme-challenge folder.
  5. Next, we rename the file formt eh previous step to %plesk_dir%var\acme-challenge\web.config.
  6. Then, start a command prompt as Administrator and run the following command to restore the acme-challenge: 
    C:\>plesk sbin websrvmng –add-acme-challenge-site
  7. After that, execute the following command in order to set the proper permissions for the Common Challenge Directory: 
    C:\>plesk repair --directory-permissions -directory "%plesk_dir%var"
  8. Finally, we disable and again enable Common Challenge Directory with these commands: 
    C:\>plesk ext sslit --common-challenge-dir -disable
C:\>plesk ext sslit --common-challenge-dir -enable

[Looking for a solution to another query? We are just a click away.]

Conclusion

To conclude, our skilled Support Engineers at Bobcares demonstrated how to deal with the misconfiguration of the Common Challenge Directory.

PREVENT YOUR SERVER FROM CRASHING!

Never again lose customers to poor server speed! Let us help you.

Our server experts will monitor & maintain your server 24/7 so that it remains lightning fast and secure.

GET STARTED

Related posts:

  1. Unable to access Plesk Installer page from an Apple device
  2. Incorrect TXT record error in Plesk | How to fix
  3. DNN internal server error due to ISAPI filters
  4. Unable to select Atomicorp rule set in Plesk | How to fix

0 Comments

Submit a Comment

Your email address will not be published. Required fields are marked *

server management

Spend time on your business, not on your servers.

TALK TO US

Or click here to learn more.

GET UP TO 25% OFF

Plesk Support

Spend time on your business, not on your servers.

Managing a server is time consuming. Whether you are an expert or a newbie, that is time you could use to focus on your product or service. Leave your server management & end-user tech support to us, and use that time to focus on the growth and success of your business.

TALK TO USOr click here to learn more.

Related Articles

  1. Unable to access Plesk Installer page from an Apple device
  2. Incorrect TXT record error in Plesk | How to fix
  3. DNN internal server error due to ISAPI filters
  4. Unable to select Atomicorp rule set in Plesk | How to fix

Never again lose customers to poor
server speed! Let us help you.

GET STARTED