• If you are still using CentOS 7.9, it's time to convert to Alma 8 with the free centos2alma tool by Plesk or Plesk Migrator. Please let us know your experiences or concerns in this thread:
    CentOS2Alma discussion

Issue Certificates for securing Plesk/Mail

Tosh

New Pleskian
PRODUCT, VERSION, OPERATING SYSTEM, ARCHITECTURE
Ubuntu 16.04.1 LTS‬
Plesk Onyx Version 17.0.17 Update #3, last updated on Oct 19, 2016 12:21 PM


PROBLEM DESCRIPTION
Unable to select the Let's Encrypt panel certificate to secure mail service.

Tools & Settings > SSL/TLS Certificates > Certificates currently in use does not match actual certificate in use. It will show that the default certificate is being used rather than the Let's Encrypt certificate which is actually in use.

If you inadvertently select the "default certificate" that is shown it will use the self signed plesk cert causing an HSTS cert error.


STEPS TO REPRODUCE
Extensions > Security Advisor > System > Secure plesk with Let's Encrypt, Then navigate to Tools & Settings > SSL/TLS Certificates.


ACTUAL RESULT
Plesk panel is secured using a Let's Encrypt certificate, but via the SSL/TLS Certificates panel it only shows the self signed plesk cert. If you click on the change button for the Mail service the Panels Let's Encrypt certificate is not an option. The Panel cert also does not appear in the Let's Encrypt extension page.


EXPECTED RESULT
After securing the panel via Extensions > Security Advisor > System > Secure Plesk and then navigating to Tools & Settings > SSL/TLS Certificates > Certificates currently in use for securing plesk > should show the Let's encrypt cert for the panel option. You should then also be able to select that same certificate for securing mail.


ANY ADDITIONAL INFORMATION
Just tested again on a fresh install to confirm that the issue would occur again.
 
Short version:

Security Advisor extension should add the generated Let's Encrypt certificate for the panel into the pool of certificates so that you can select it from the Tools & Settings > SSL/TLS Certificates page.

Currently the certificate settings that are shown do not match what is in use. Panel shows the default cert is in use but is actually using the Let's Encrypt cert.
 
Back
Top