Search results

I have been trying all manner of things @mow :) What's more, I have some interesting findings and questions for Plesk... I have indeed set CAA for the various domains, however, and yes as a CISO I recognise you 'best practice' point, CAA are not required and both these 'problem subscriptions'...

This issue is back and looking for anyone reporting this issue I find my own post :rolleyes: What I notice is that I mention two subscriptions having this 'checking CAA' error ... both for domains that have no CAA and never have. I also see I said... Well, the same 1+5 subscription is back to...

This is maybe relevant... Type: urn:ietf:params:acme:error:caa Status: 403 Detail: Error finalizing order :: Rechecking CAA for "www.sprakekingsley.org.uk" and 14 more identifiers failed. Refer to sub-problems for more information Why relevant? Well, the request is for the root and wildcard...

Just to add to the thread, but not expecting a magic answer, other subscriptions on the same host all update okay, even now, one that was suffering the same 'urn:ietf:params:acme:error:caa' 403 error. Trying to work out what is the key issue, although I cannot see why one that was failing, is...

Many thanks Peter. Yes, I understand a 403, but it's not just "can't access", but is being forbidden .. it's a 403, not a 404. I'll have a look at the logs and maybe put a tail on while an attempt to reissue is running in the hope of seeing what it is that's being attempted and denied.

Hi Peter, no, nothing in front and Nginx disabled just to rule that out. No, DNS is not managed by the Plesk service and yes I know where the autorotative DNS are and it all been working for years. Yes I have checked the DNS for all names and one idea I followed was a misreading of an wildcard...

Just to add to my own thread... I took the smaller 1 + 5 domain subscription I de-selected all the additional domains and tried again ... it still failed I then de-selected wildcard and when to domain and www.domain options only ... it worked! ... however... While the 'domain + www only' v...

There seems to be numerous items about: Details Invalid response from https://acme-v02.api.letsencrypt.org/acme/finalize/356300830/211673632166. Details: Type: urn:ietf:params:acme:error:caa Status: 403 Detail: Error finalizing order :: Rechecking CAA for "example.com" and 18 more identifiers...

@learning_curve, maybe you have an insight to an issue I see and which I see others log as an improvement request with Plesk ... I have an expired default cert that refuses to go away! These are all Let's Encrypt certs which I rename as "FQDN from_date to end_date" ... it helps to know what...

first4it, I think "Can we please have some information on this?" is just DerDanilo being very polite in asking for a response. As you say, it is a very well researched and described issue. I came here having noted the "Assign the certificate to mail domain" option and wondering how it knew which...

This morning I ran into issues with the TLS cert on mail. The mail services – Dovecot + Postfix are secured with Let’s Encrypt certs issued by Plesk, although for some reason I sometimes need to come into the Home > Tools & Settings > SSL/TLS Certificates panel and use the ‘+ Let’s Encrypt’...

Many thanks @Ales. That pretty much was my thinking, but good to get an experience d review. The last thing I want to do is build an unsupportable system, especially as I'm running Plesk deliberately so as to not get into those complexities. I think it was the ISP though that advised me not to...

I understand Plesk's position is that packages like OpenSSL are a part of the base OS and so not updated by Plesk, but conversely I've been advised it is better not to update the server via yum so that OS updates are in line with Plesk support. So maybe the first question to ask is: Do Plesk...

Getting SpamAssassin up to date would be good as we all suffer too much spam, but I was a little surprised to see the comment that this is an OS package and so outside the scope of Plesk. I thought the entire purpose of Plesk was to make server admin (much) simpler and that pretty much all the...

So I found a Plesk article; "How to extend chrooted environment with additional commands" (How to extend chrooted environment with additional commands) which seemed promising, however, the provided <recreate_chroot_env> script doesn't work on my CentOs 7 system: [root@at chroot]#...

Well, using a simpler version of the script on the realisation that I don't need to loop for each log on the basis the cron job will run each night, plus the realisation that yesterdays's log will always be *.processed.1.gz and so I need to timestamp the files when moving to the uploaded...

So starting to answer my own question, it look slike the cron task is run in a chrooted environment based on the system user of the subscription and so I need to work out file paths (Scheduling Tasks) Note: In Plesk for Linux all "Run a command" scheduled tasks by default are run in a chrooted...

I have a small bash script that uses curl to post the Plesk Apache logs to a logging service and then moves the files to an 'uploaded' directory (so as to not reload them on a second run). The scripts works fine from an ssh CLI, but fails under cron and so I'm clearly missing a permission for...

Humm, you didn't note the bit where I said; "and no, the www, unqualified or no preference setting in Hosting Settings does NOT affect this behaviour." I'm afraid the domain preferecne setting has no effect on the www prefix applied to all domain aliases...you have to have www and like it. But...

Well, I've found a simple answer to my problem...a wildcard subdomain. Works llike a dream and simply allows the single docroot to look at the host-header of the incoming request and decide what to do with it :-)