DNN Forums


Issue with Let's Encrypt renewal

Growing Member (Posts: 30)

I am hoping someone can assist me with an issue that I am having. My website has been set up for a while and I recently switched to using Let's Encrypt for the certificate. The first 2 times it renewed I had to manually renew it as it wouldn't autorenew. Now it won't even allow me to manually renew the certificate. The error I am getting is that the authorization token is not available.

When I follow the instructions from Plesk for troubleshooting it I try the steps for "checking website availability". When I place a test.txt file in the location it says to, I am unable to browse in the web browser to http://example.com/.well-...-challenge/test.txt. Instructions say to make sure it is accessible from the Internet over http without the www prefix. When I test this I get an "err_connection_refused".

I am wondering if this is due to an issue with the setup of my site and the aliases, or possibly a redirect.

I have set up a staging site and the Let's Encrypt works on that site and even autorenews. For the staging site if I go to "Site Settings - Site Behaviour - Site Aliases" the primary domain is staging.publichealthgreybruce.on.ca (no other aliases for the staging site exist), URL Mapping has the "Site Alias mapping Mode" set to "Redirect". On the staging site the above connection test works when I browse to staging.publichealthgreybruce.on.ca/.well-known/acme-challenge/test.txt

On my live site if I check the same settings above I have 2 aliases listed. www.publichealthgreybruce.on.ca is the primary. Also listed is publichealthgreybruce.on.ca. I think I put the two in there so the site would be found whether the user entered the www or not. The URL with the www.publichealthgreybruce.on.ca is the primary alias. Under URL mapping the Site Alias mapping mode is set to redirect. As a test I changed the primary Alias to the one without www and my site wouldn't load at all. Had to restore the database. 

The testing makes me think I have something wrong in my site setup. There is a lot of info here and if anyone needs more let me know. I know the aliases were played with because at one time not using the www in the URL wouldn't load the page. So I have a feeling I messed up with the site settings and URL redirects.

Senior Member (Posts: 1513)

Is your site behind a WAF of any kind (e.g., CloudFlare)? If it is, then Let's Encrypt may be getting blocked. Newer versions of Let's Encrypt seem to be better about getting around it and/or using firewall exceptions. You may be able to resolve this by downloading and using the most recent version. Alternatively, you could manually turn it off for the few moments it takes to renew the SSL, then turn it back on.

Growing Member (Posts: 30)

No, we do not use Cloudflare or any other WAF. I have a feeling it is a configuration issue that doesn't allow the site to use the domain without the www prefix.

Senior Member (Posts: 1513)

Yeah, there is likely some sort of firewall blocking the direct communication, or a URL rewrite somewhere - effectively, doing the same thing.  
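
The availability check discussed in this thread can be repeated per site alias with the sketch below, an added example that is not part of the original posts: `probe` requests the challenge path over plain HTTP without following redirects, so a refused connection, a DNS failure and an alias redirect show up as different verdicts. The `connect_to` parameter, the `DemoSite` server and the `example.test` names are constructed for illustration.

```python
import http.client
import http.server
import socket
import threading

CHALLENGE_PATH = "/.well-known/acme-challenge/test.txt"  # test file from the thread

def probe(alias, connect_to=None, port=80, path=CHALLENGE_PATH, timeout=5.0):
    """GET the challenge path for one alias over plain HTTP; never follow redirects."""
    target = connect_to  # assumed parameter: skip DNS, send alias as Host header
    if target is None:
        try:
            target = socket.getaddrinfo(alias, port, type=socket.SOCK_STREAM)[0][4][0]
        except socket.gaierror as exc:
            return "dns_failure", str(exc)
    conn = http.client.HTTPConnection(target, port, timeout=timeout)
    try:
        conn.request("GET", path, headers={"Host": alias})
        resp = conn.getresponse()
    except ConnectionRefusedError:  # the err_connection_refused case: no listener
        return "connection_refused", f"{target}:{port}"
    except (OSError, http.client.HTTPException) as exc:
        return "unreachable", f"{target}:{port}: {exc}"
    finally:
        conn.close()
    if resp.status in (301, 302, 303, 307, 308):
        return "redirect", resp.getheader("Location", "")  # probe this target next
    return ("ok" if resp.status == 200 else "http_error"), f"HTTP {resp.status}"

class DemoSite(http.server.BaseHTTPRequestHandler):
    def do_GET(self):  # constructed: primary alias serves the file, others redirect
        primary = self.headers.get("Host") == "www.example.test"
        self.send_response(200 if primary else 301)
        if not primary:
            self.send_header("Location", "http://www.example.test" + self.path)
        self.end_headers()
    def log_message(self, *args):  # keep the demo output quiet
        pass

def demo():
    with http.server.HTTPServer(("127.0.0.1", 0), DemoSite) as srv:
        threading.Thread(target=srv.serve_forever, daemon=True).start()
        port = srv.server_address[1]
        out = {a: probe(a, "127.0.0.1", port) for a in ("www.example.test", "example.test")}
        srv.shutdown()
    out["listener stopped"] = probe("example.test", "127.0.0.1", port)  # port now closed
    return out

if __name__ == "__main__":
    print(demo())
```

Against a real site, call `probe("example.com")` for each alias from a machine outside the network; a `connection_refused` verdict for one alias while another returns `ok` points at DNS or port 80 bindings for that name rather than at the certificate tooling.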
