• Please be aware: Kaspersky Anti-Virus has been deprecated
    With the upgrade to Plesk Obsidian 18.0.64, "Kaspersky Anti-Virus for Servers" will be automatically removed from the servers it is installed on. We recommend that you migrate to Sophos Anti-Virus for Servers.
  • The Horde webmail has been deprecated. Its complete removal is scheduled for April 2025. For details and recommended actions, see the Feature and Deprecation Plan.
  • We’re working on enhancing the Monitoring feature in Plesk, and we could really use your expertise! If you’re open to sharing your experiences with server and website monitoring or providing feedback, we’d love to have a one-hour online meeting with you.

Error with new SSL certificate

U

Udo

New Pleskian
For a new domain on a new clean (bare metal) server I created the CSR and private key. I ordered the certificate from Geotrust and installed the certificate and CA-certificates.

I've done this dozens of times. And normaly this would be enough for the domain to work on https. Not this time. After attaching the certificate to the domain in the hosting settings, when I open the site I get an error: ssl_error_rx_record_too_long

You can try: https://www.askrosana.com (the default Plesk page is still there, nothing has been uploaded yet, so no worry, no secrets there).

I've Googled today and found a few solutions, all pointing to some problem in the Apache2 config. I checked everything but it looks all very clean and without problems. Port 443 is defined in ports.conf and http config looks also good.

Where should I look to solve this? I'm a bit stuck on this one.

Regards,
Udo
 
It's very weird. Checked everything I could (I think), but I'm sure I'm overlooking something.
At this moment this is not urgent anymore, because we are going to reinstall the server with the OS and Plesk.
Maybe that solves the problem.

This is the situation:
Additional information:
OS - Ubuntu 14.04
Plesk - 12.0.8
mod_ssl is active in Apache2
Certificates are in place and checked in folder mentioned in httpd.conf

access_ssl_log:
x.x.x.x - - [22/Sep/2015:17:34:38 +0200] "GET / HTTP/1.1" 403 1343 "-" "Mozilla/5.0 (X11; Ubuntu; Linux i686; rv:40.0) Gecko/20100101 Firefox/40.0"
x.x.x.x - - [22/Sep/2015:18:02:57 +0200] "GET / HTTP/1.1" 403 1343 "-" "Mozilla/5.0 (X11; Ubuntu; Linux i686; rv:40.0) Gecko/20100101 Firefox/40.0"
x.x.x.x - - [22/Sep/2015:18:02:58 +0200] "GET /favicon.ico HTTP/1.1" 403 1342 "-" "Mozilla/5.0 (X11; Ubuntu; Linux i686; rv:40.0) Gecko/20100101 Firefox/40.0"
x.x.x.x - - [22/Sep/2015:18:02:58 +0200] "GET /favicon.ico HTTP/1.1" 403 1342 "-" "Mozilla/5.0 (X11; Ubuntu; Linux i686; rv:40.0) Gecko/20100101 Firefox/40.0

error_log:
[Tue Sep 22 17:34:38.385520 2015] [ssl:error] [pid 27374] [client x.x.x.x:56845] AH02219: access to /var/www/vhosts/askrosana.com/httpdocs/ failed, reason: SSL connection required
[Tue Sep 22 18:02:57.424489 2015] [ssl:error] [pid 486] [client x.x.x.x:57270] AH02219: access to /var/www/vhosts/askrosana.com/httpdocs/ failed, reason: SSL connection required
[Tue Sep 22 18:02:58.072000 2015] [ssl:error] [pid 486] [client x.x.x.x:57270] AH02219: access to /var/www/vhosts/askrosana.com/httpdocs/favicon.ico failed, reason: SSL connection required
[Tue Sep 22 18:02:58.348648 2015] [ssl:error] [pid 486] [client x.x.x.x:57270] AH02219: access to /var/www/vhosts/askrosana.com/httpdocs/favicon.ico failed, reason: SSL connection required

httpd.conf
#ATTENTION!
#
#DO NOT MODIFY THIS FILE BECAUSE IT WAS GENERATED AUTOMATICALLY,
#SO ALL YOUR CHANGES WILL BE LOST THE NEXT TIME THE FILE IS GENERATED.
#IF YOU REQUIRE TO APPLY CUSTOM MODIFICATIONS, PERFORM THEM IN THE FOLLOWING FILES:
#/var/www/vhosts/system/askrosana.com/conf/vhost.conf
#/var/www/vhosts/system/askrosana.com/conf/vhost_ssl.conf
<IfModule mod_ssl.c>

<VirtualHost 85.214.28.143:443 >
ServerName "askrosana.com:443"
ServerAlias "www.askrosana.com"
ServerAlias "ipv4.askrosana.com"
ServerAdmin "xxxxxxxxxxxxxxxxxx"
UseCanonicalName Off

DocumentRoot "/var/www/vhosts/askrosana.com/httpdocs"
CustomLog /var/www/vhosts/system/askrosana.com/logs/access_ssl_log plesklog
ErrorLog "/var/www/vhosts/system/askrosana.com/logs/error_log"

<IfModule mod_suexec.c>
SuexecUserGroup "askrosana" "psacln"
</IfModule>

<IfModule mod_userdir.c>
UserDir "/var/www/vhosts/askrosana.com/web_users"
</IfModule>

<IfModule mod_sysenv.c>
SetSysEnv PP_VHOST_ID "f2809be6-150c-44b1-a817-9ddb33d9893b"
</IfModule>

ScriptAlias "/cgi-bin/" "/var/www/vhosts/askrosana.com/httpdocs/cgi-bin/"

Alias "/plesk-stat" "/var/www/vhosts/system/askrosana.com/statistics"
<Location /plesk-stat/>
Options +Indexes
</Location>
<Location /plesk-stat/logs/>
Require valid-user
</Location>
Alias /webstat /var/www/vhosts/system/askrosana.com/statistics/webstat
Alias /webstat-ssl /var/www/vhosts/system/askrosana.com/statistics/webstat-ssl
Alias /ftpstat /var/www/vhosts/system/askrosana.com/statistics/ftpstat
Alias /anon_ftpstat /var/www/vhosts/system/askrosana.com/statistics/anon_ftpstat
Alias /awstats-icon /usr/share/awstats/icon

SSLEngine on
SSLVerifyClient none
SSLCertificateFile /opt/psa/var/certificates/cert-hlKhhb
SSLCACertificateFile /opt/psa/var/certificates/cert-SqkM6b
SetEnv PP_CUSTOM_PHP_INI /var/www/vhosts/system/askrosana.com/etc/php.ini
SetEnv PP_CUSTOM_PHP_CGI_INDEX module

<IfModule mod_fcgid.c>
FcgidInitialEnv PP_CUSTOM_PHP_INI /var/www/vhosts/system/askrosana.com/etc/php.ini
FcgidInitialEnv PP_CUSTOM_PHP_CGI_INDEX module
FcgidMaxRequestLen 134217728
</IfModule>

<Directory /var/www/vhosts/askrosana.com/httpdocs>

<IfModule mod_php4.c>
php_admin_flag engine on

# General settings
php_admin_value open_basedir "/var/www/vhosts/askrosana.com/:/tmp/"
# Performance settings
# Additional directives

</IfModule>

<IfModule mod_php5.c>
php_admin_flag engine on

# General settings
php_admin_value open_basedir "/var/www/vhosts/askrosana.com/:/tmp/"
# Performance settings
# Additional directives

</IfModule>
<IfModule mod_python.c>
<Files ~ (\.py$)>
SetHandler python-program
PythonHandler mod_python.cgihandler
</Files>
</IfModule>
<IfModule mod_fcgid.c>
<Files ~ (\.fcgi$)>
SetHandler fcgid-script
Options +ExecCGI
</Files>
</IfModule>

SSLRequireSSL

Options +Includes +ExecCGI

</Directory>

<Directory "/var/www/vhosts/system/askrosana.com/statistics">
AuthType Basic
AuthName "Domeinstatistieken"
AuthUserFile "/var/www/vhosts/system/askrosana.com/pd/d..httpdocs@plesk-stat"
require valid-user
</Directory>

Alias /error_docs /var/www/vhosts/askrosana.com/error_docs
ErrorDocument 400 /error_docs/bad_request.html
ErrorDocument 401 /error_docs/unauthorized.html
ErrorDocument 403 /error_docs/forbidden.html
ErrorDocument 404 /error_docs/not_found.html
ErrorDocument 500 /error_docs/internal_server_error.html
ErrorDocument 405 /error_docs/method_not_allowed.html
ErrorDocument 406 /error_docs/not_acceptable.html
ErrorDocument 407 /error_docs/proxy_authentication_required.html
ErrorDocument 412 /error_docs/precondition_failed.html
ErrorDocument 414 /error_docs/request_uri_too_long.html
ErrorDocument 415 /error_docs/unsupported_media_type.html
ErrorDocument 501 /error_docs/not_implemented.html
ErrorDocument 502 /error_docs/bad_gateway.html
ErrorDocument 503 /error_docs/maintenance.html

IncludeOptional "/opt/psa/admin/conf/file_sharing.conf*"

<IfModule mod_security2.c>
</IfModule>

</VirtualHost>

</IfModule>

Remaining part removed
 
Hi Udo,

Udo said:
At this moment this is not urgent anymore, because we are going to reinstall the server with the OS and Plesk.
Maybe that solves the problem.
Click to expand...

as I can see, you re-installed your server now and use a working COMODO certificate. Are you facing any issues now, regarding to your initial post?
 
You must log in or register to reply here.

Similar threads

L
Issue ( authorization token is unavailable ) Could not issue/renew Let`s Encrypt certificates
Replies
7
Views
363
Leta
L
M
Issue curl: (60) SSL: no alternative certificate subject name matches target host name
Replies
2
Views
1K
AYamshanov
AYamshanov
D
Issue certificate of VPS host still used after SSL configuration for newly added domain
Replies
4
Views
1K
deepnpisgah
D
F
Question Going from a temporary plesk.page domain name to the actual domain name
Replies
6
Views
1K
Kaspar
K
Nextgen-Networks
Issue Lets Encrypt - error in certificate renew process
2
Replies
21
Views
4K
Peter Debik
P
Back
Top