If you receive a "Let's Encrypt SSL certificate installation failed: Challenge marked as invalid" error when trying to add a domain or renew an existing one, it may be that you have a redirect in Apache or .htaccess which is breaking the challenge response. The error will look like this:
To correct, check for redirects using the guide below.
- Check your .htaccess file for redirects. If there are complete matches for the entire domain, this won't be compatible with the Let's Encrypt challenge.
- If it's not within your .htaccess file, within Plesk go to the domain and then Apache and nginx Settings. If you have a blanket redirect (such as the one below), remove it and add it using the following guide: Plesk Onyx HTTPS redirect.
- Try to renew or create the SSL certificate via Let's Encrypt again.
- If there are errors still, please contact your hosting provider for further assistance.