Symptoms
The following error appears on attempts to issue a Let's Encrypt certificate:
ERR [extension/sslit] Unable to secure domain {domainName} automatically Invalid response from https://acme-v02.api.letsencrypt.org/acme/new-order.
Details:
Type: urn:ietf:params:acme:error:rejectedIdentifier
Status: 400
Detail: Error creating new order :: Cannot issue for "_.example.com": Domain name contains an invalid character
Cause
Wildcard certificates can not have their own certificates. Let's Encrypt cannot check the necessary record starting with an underscore symbol.
Resolution
Issue wildcard SSL certificates for original domains (example.com) that will secure any subdomain.
For existing domains, the task of automatic securing might be disabled in Plesk at Domains > example.com > SSL/TLS Certificates.