Add new certificate to all virtual hosts

[jorfermo]

Hello

I installed a new certificate, made it default, assigned it to the shared ip address and made the plesk panel use it.

The problem is we have 200 virtual hosts using the old certificate. Is there a way to reconfigure all those domains easily?

Thanks!

 

[IgorG]

Use something like

# /usr/local/psa/bin/domain -u domain.com -certificate-name <SSL certificate name>

Or for all domains:

# for i in `mysql -uadmin -p\`cat /etc/psa/.psa.shadow\` psa -Ns -e "select name from domains"`; do /usr/local/psa/bin/domain -u $i -certificate-name <SSL certificate name>; done

 

[jorfermo]

Thanks for the answer Igor

I get the message "Unable to find certificate" and I'm using the name of the new one. How can I get the right name of the certificate?

The weird thing is it works for some domains...

 

[IgorG]

For getting correct names of certificates try to use

# /usr/local/psa/bin/certificate -l

More details in /usr/local/psa/bin/certificate --help

 

[jorfermo]

So I'm using the right name and it doesnt work:

# /usr/local/psa/bin/certificate -l -admin
CSR Priv Cert CA Name Used
N Y Y Y Asterisco 2012
N Y Y Y Asterisco2
N Y Y Y Asterisco2013

Listing of SSL certificates repository was successful

# for i in `mysql -uadmin -p\`cat /etc/psa/.psa.shadow\` psa -Ns -e "select name from domains"`; do /usr/local/psa/bin/domain -u $i -certificate-name Asterisco2013; done
Unable to find certificate
Unable to find certificate
Unable to find certificate
Unable to find certificate
Unable to find certificate

 

[IgorG]

It is correct behaviour. You can't assign admin's certificate on customer's domain. Utility can't find certificate in domain's repository.

 

[jorfermo]

But its assigned to 3 customer domains

 

[IgorG]

I suppose that they are admin's domains, right?

 

[jorfermo]

No they are not. Admin has no domains.

We've always had an * certificate for all the domains and the plesk admin site. Why that limitation? Why can't we use the same SSL certificate for all domains?

 

[IgorG]

Do you mean that Asterisco2013 is wildcard certificate?

 

[jorfermo]

Yes

 

[IgorG]

Do you have this certificate in output of command

# /usr/local/psa/bin/certificate -l -domain domain.com

?

 

[jorfermo]

I don't know in what domains is that certificate. How can I find that?

 

[Patrik_Vormittag]

I'm having similar issues and have tried many times `plesk bin domain -u example.api.engrain.io -certificate-name '*.api.engrain.io'` yet plesk cannot find the certificate. The domain is an admin owned domain.

Running `plesk bin certificate -l -admin` returns:

CSR Priv Cert CA Name Used
Y Y Y Y *.api.engrain.io
N Y Y N default certificate