Issue domain:8443 NET::ERR_CERT_COMMON_NAME_INVALID

[Alaa Mansour]

Dear all

i have a server ( server.domain.com ) protected by Let's Encrypt and I can access server.domain.com:8443 without any problem.

But i can't access domain.com:8443 or costumer.com:8443

it gives me this error:NET::ERR_CERT_COMMON_NAME_INVALID

the error because the certificate of ( costumer.com:8443 ) does not match the certificate that shown ( server.domain.com )

why would (costumer.com:8443) holds the server.domain.com certificate, even though I can access: costumer.com with its own certificate

any idea?

 

[Monty]

That's normal behaviour: The Plesk control panel server (sw-cp-server) runs on port 8443, which is an independent service that is not connected to your domains' certificates. The control panel server uses the certificate for your server's hostname.
You can't have multiple certificates on port 8443, see: How to secure multiple Plesk login URLs (port 8443) with single SSL certificate on single Plesk server?
So all your customers should login on server.domain.com:8443 and not customer.com:8443

 

[Alaa Mansour]

but I can't also secure any WWW for a subdomain on my server
for example : www.server.domain.com
or www.subdomain.costumer.com
it gives me the following error:

Warning: Failed to resolve the challenge for www.server.domain.com.
Details
Invalid response from https://acme-v01.api.letsencrypt.org/acme/authz/XXXXXXXXXXX
Details:
Type: urn:acme:error:connection
Status: 400
Detail: unknownHost :: No valid IP addresses found for www.server.domain.com

strange that I can't resolve the A record on www.subdomain.domain.com, even though I'm using (*) ( ) (@) (www) (domain.com) every possibility all pointed to the server IP

 

[Alaa Mansour]

PS: i have added the following lines to Panel.ini
[ext-letsencrypt]
renew-before-expiration = 45
rsa-key-size = 4096