I use Plesk onyx to run the server and install Nextcloud on it. I have no problem with normal operation, but I am having problems with monthly update of Let’s Encrypt’s certificate. I can not update smoothly first. I am updating it by invalidating SSL or emptying the nginx directive.
This problem was introduced at the Plesk site.
https://support.plesk.com/hc/en-us/articles/115003316413-Unable-to-renew-Let-s-Encrypt-certificate-403-Forbidden
Additional nginx directive is blocking communication between website and Let’s Encrypt issuing servers.
I only describe the contents introduced in the Nextcloud manual in the nginx directive.
The following is not written in manual.
location ~ /\. {
deny all;
}
I added the following content that is being introduced to the nginx directive, but update still fails.
location ~ /\.(?!well-known).* {
deny all;
}
This is probably a problem unique to Plesk. Is it related to the transition from http to https?
I run two other sites within the same Plesk. Since there is a very simple state, I can update the certificate without any problem. When updating fails, I can not access files in .well-kown/acme-challenge/.
Once I update it I will revert the environment. After a while I can update the certificate without problems. Then as I approached the renewal deadline date, I can not renew when I try to update manually.
location ~ /\.(?!well-known).* {
deny all;
}
How can I process the above for Nextcloud? If you are using Nextcloud and Let’s Encrypt with Plesk, please tell me how to automatically renew certificates.