• Please be aware: Kaspersky Anti-Virus has been deprecated
    With the upgrade to Plesk Obsidian 18.0.64, "Kaspersky Anti-Virus for Servers" will be automatically removed from the servers it is installed on. We recommend that you migrate to Sophos Anti-Virus for Servers.
  • The Horde webmail has been deprecated. Its complete removal is scheduled for April 2025. For details and recommended actions, see the Feature and Deprecation Plan.
  • We’re working on enhancing the Monitoring feature in Plesk, and we could really use your expertise! If you’re open to sharing your experiences with server and website monitoring or providing feedback, we’d love to have a one-hour online meeting with you.

hack httpd.include

A

altexis

Guest
When I added a valid and authenticated certificate from GeoTrust, Plesk accepted it without any problems but it did not work. When I used two different browsers to get into an https:// page the certificate appears to be Plesk's... not the installed one.

I made some research and found that in /home/httpd/vhosts/mydomain.com/conf/httpd.include the directive SSLCertificateFile pointed to a wrong certificate file. I know that I shouldn't touch this file but I did just to see if SSL would work as it should. The proper file existed in /usr/local/psa/var/certifiates/ directory and I changed it... and it worked. The next problem was this:

RSA server certificate CommonName (CN) `mydomain.com' does NOT match server name!?

(from the apache ssl error logs)

Again, I modified httpd.include by setting the ServerName directive from mydomain.com:443 to www.mydomain.com:443 ... and then everyting worked smoothly.

My questions are:
1) How bad can it be to make manual changes to httpd.include? (I did some efforts with adding a vhost.include and vhost_ssl.include with no luck)

2) Is this a known bug? Or did I do something wrong? Or is there a hidden place in the control panel to make the proper settings in Plesk?
 
Your httpd.include will eventually be overwritten by Plesk. Every time you change a webserver setting, Plesk will write a new httpd.include file, so that's not the way!

It might be a known problem - with wrong file permissions, I worte about it last year in oktober/november I think. Link: http://forum.sw-soft.com/showthread.php?s=&threadid=18630&highlight=ssl+geert

But it might also be because you haven't set the correct certificate to the shared IP or some other wrong settings.

Can you post the URL that dosen't work?
 
great... that solved it

I had to remove the certificate from the domain control panel, and re-add it from the server certificates, then engage it from the server IP pool. ... Plesk did not only copy the M$ looks.. they copied the M$ essence as well.

Thanks for your help Whistler... but now I am still missing the CA Certificate. The certificate is a QuickSSL from GeoTrust. I uploaded all the root certificates from GeoTrust but none works because 'The CA authority does not recognize that certificate' (or something like that) ... Is there any trick to upload the CA Certificate?
 
The current certificate on https://www.creativepluse.biz - seems to be a server selfsigned certificate?

And the CA Certificate should (if I remember correct) only be submitted if you uses some root authority that's not included in most browsers (and GeoTrust root certificate is in almost any browser).
 
When I wrote my first post it appeared to be a self-signed certificate. After your help I reinstalled the certificate but there was still a problem. Now I re-issued the certificate and everything works smoothly.

Thank you for your help Whistler
 
You must log in or register to reply here.

Similar threads

D
Issue certificate of VPS host still used after SSL configuration for newly added domain
Replies
4
Views
1K
deepnpisgah
D
C
Question Strange SNI (?) issue related to IPv6 (?)
Replies
2
Views
774
Carbon Dioxide
C
P
Issue Error: "Unable to find row with id 0 in certificates table." when adding new self-signed certificate
Replies
0
Views
2K
pleshk
P
TimReeves
Resolved Webmail - PHP not working, file downloaded not executed
Replies
2
Views
2K
aslotta
aslotta
DerDanilo
Issue Let's Encrypt and "Assign the certificate to mail domain" problems and AutoDiscovery issues caused by this
Replies
7
Views
3K
Kaspar
K
Back
Top