• Hi, Pleskians! We are running a UX testing of our upcoming product intended for server management and monitoring.
    We would like to invite you to have a call with us and have some fun checking our prototype. The agenda is pretty simple - we bring new design and some scenarios that you need to walk through and succeed. We will be watching and taking insights for further development of the design.
    If you would like to participate, please use this link to book a meeting. We will sent the link to the clickable prototype at the meeting.
  • (Plesk for Windows):
    MySQL Connector/ODBC 3.51, 5.1, and 5.3 are no longer shipped with Plesk because they have reached end of life. MariaDB Connector/ODBC 64-bit 3.2.4 is now used instead.
  • The Horde webmail has been deprecated. Its complete removal is scheduled for April 2025. For details and recommended actions, see the Feature and Deprecation Plan.

Resolved Domain name issue -- certificate for a domain uses server domain. But can't see how or why

M

MHC_1

New Pleskian
Server operating system version
Ubuntu 22
Plesk version and microupdate number
Obsidian v18.0.61
We have multiple domains on the server.

One domain works fine and has the certificate set up and the domain loads correctly with the correct certificate for the correct URL.

Another domain says the certificate is invalid because somehow the certificate is loaded for the Plesk Server domain rather than the website domain.

The "SSL It!" / Lets Encrypt are both set up the same so from the Plesk interface I can't see why it's different and can;t see how to resolve this.

Pictures below:

ERRORS on browser (2:)

SMYR_opera_error_1.png

SMYR_opera_error_2.png

Certificate set up on Plesk:

SMYR_cerificate_plesk_2.png

Another website on the same server using the same certification system (SSL it!):

DESG_works_ok.png

DESG_cert_ok.png

Why is this different? How can we fix this so all domains on the server work like the DESG?

The cause may be related to this bug? --> Resolved - SSL It - HSTS appearing twice in headers ? Any help appreciated.

BONUS QUESTION:

Also, bonus question; How can we manually set the HSTS on a domain to zero to force the HSTS refresh (eg "Strict-Transport-Security: max-age=0") ? Plesk doesn't give this option and can't find the relevant lines in .htaccess or in any of the httpd.conf.
 

Attachments

  • SMYR_cert_1.png
    SMYR_cert_1.png
    115.2 KB · Views: 5
Hi, is the right certificate selected in the hosting settings of the domain?
Screenshot 2024-07-07 181026.png
As for setting HSTS max age, you can click the slides icon to configure this (although the minimum available option is 1 minute).
Screenshot 2024-07-07 181416.png
 
Kaspar@Plesk said:
Hi, is the right certificate selected in the hosting settings of the domain?
View attachment 26577
As for setting HSTS max age, you can click the slides icon to configure this (although the minimum available option is 1 minute).
Click to expand...

Hello
Yes the correct certificate is set here (NB: This is Hosting & DNS --> Hosting Settings ) for all domains.

re: HSTS yes, but this isn't really configurable more that it gives a few (3) basic options, not involving setting age=0. But I've found the issue with HSTS was it was being set twice by WP.
 
If you are positive the right certificate has been selected in the hosting settings, you can run the repair utility via command line to see if that fixes the issue.

plesk repair web example.com -sslcerts -y
(replace example.com with your domain)
 
Kaspar@Plesk said:
If you are positive the right certificate has been selected in the hosting settings, you can run the repair utility via command line to see if that fixes the issue.

plesk repair web example.com -sslcerts -y
(replace example.com with your domain)
Click to expand...

Thanks. This ha been done.

repair_1_2024-07-08.png

Should I await any sort of propagation?

Clearing web history and cache on browsers results in no change at the browser end. Same issue remains.
 
MHC_1 said:
Should I await any sort of propagation?
Click to expand...
Any repairs should be instant, although a browser restart might be needed to clear cache.

Since the repair utility did not found any errors I am not sure what is causing the issue. I recommend opening a ticket with our support team and let them investigate the issue on your server. To sign-in to support and open a ticket go to https://support.plesk.com.

If you got your license from a reseller, your reseller should provide support for you. If the reseller does not provide support, here is an alternative to get support directly from Plesk: https://support.plesk.com/hc/en-us/articles/12388090147095-How-to-get-support-directly-from-Plesk
 
There currently seems to be an issue with (re)issuing certificates. We are investigating this issue. More info:

Issue - SSL create and renew errors on random domains / possibly a Let's Encrypt issue, but maybe only in combination with Plesk

We are seeing some random create and renewal errors of Let's Encrypt as described in https://community.letsencrypt.org/t/failed-reissue-on-plesk-due-to-could-not-obtain-directory-curl-error-35-encountered-end-of-file/221455/3 This only occurs on some domain names while other domains on the...
talk.plesk.com talk.plesk.com
 
Reissuing the certificate again after the Let's Encrypt issue cleared seems to have resolved this issue. Thanks.
 
You must log in or register to reply here.

Similar threads

V
Issue Plesk SSL certificate clear
Replies
1
Views
216
Sebahat.hadzhi
Sebahat.hadzhi
D
Resolved Let's Encrypt Certificate missing domain name
Replies
2
Views
314
davorg
D
G
Issue Unable to create temporary domain and/or assign a SSL Certificate to domains *.plesk.page
Replies
3
Views
171
Sebahat.hadzhi
Sebahat.hadzhi
QWeb Ric
Issue Server pool SSL not showing for selection
Replies
0
Views
269
QWeb Ric
QWeb Ric
N
Issue Plesk Hostingpanel SSL Certificate Appearing in SSL Test for My Domain
Replies
4
Views
534
learning_curve
learning_curve
Back
Top