• If you are still using CentOS 7.9, it's time to convert to Alma 8 with the free centos2alma tool by Plesk or Plesk Migrator. Please let us know your experiences or concerns in this thread:
    CentOS2Alma discussion

hack httpd.include

A

altexis

Guest
When I added a valid and authenticated certificate from GeoTrust, Plesk accepted it without any problems but it did not work. When I used two different browsers to get into an https:// page the certificate appears to be Plesk's... not the installed one.

I made some research and found that in /home/httpd/vhosts/mydomain.com/conf/httpd.include the directive SSLCertificateFile pointed to a wrong certificate file. I know that I shouldn't touch this file but I did just to see if SSL would work as it should. The proper file existed in /usr/local/psa/var/certifiates/ directory and I changed it... and it worked. The next problem was this:

RSA server certificate CommonName (CN) `mydomain.com' does NOT match server name!?

(from the apache ssl error logs)

Again, I modified httpd.include by setting the ServerName directive from mydomain.com:443 to www.mydomain.com:443 ... and then everyting worked smoothly.

My questions are:
1) How bad can it be to make manual changes to httpd.include? (I did some efforts with adding a vhost.include and vhost_ssl.include with no luck)

2) Is this a known bug? Or did I do something wrong? Or is there a hidden place in the control panel to make the proper settings in Plesk?
 
Your httpd.include will eventually be overwritten by Plesk. Every time you change a webserver setting, Plesk will write a new httpd.include file, so that's not the way!

It might be a known problem - with wrong file permissions, I worte about it last year in oktober/november I think. Link: http://forum.sw-soft.com/showthread.php?s=&threadid=18630&highlight=ssl+geert

But it might also be because you haven't set the correct certificate to the shared IP or some other wrong settings.

Can you post the URL that dosen't work?
 
great... that solved it

I had to remove the certificate from the domain control panel, and re-add it from the server certificates, then engage it from the server IP pool. ... Plesk did not only copy the M$ looks.. they copied the M$ essence as well.

Thanks for your help Whistler... but now I am still missing the CA Certificate. The certificate is a QuickSSL from GeoTrust. I uploaded all the root certificates from GeoTrust but none works because 'The CA authority does not recognize that certificate' (or something like that) ... Is there any trick to upload the CA Certificate?
 
The current certificate on https://www.creativepluse.biz - seems to be a server selfsigned certificate?

And the CA Certificate should (if I remember correct) only be submitted if you uses some root authority that's not included in most browsers (and GeoTrust root certificate is in almost any browser).
 
When I wrote my first post it appeared to be a self-signed certificate. After your help I reinstalled the certificate but there was still a problem. Now I re-issued the certificate and everything works smoothly.

Thank you for your help Whistler
 
You must log in or register to reply here.

Similar threads

D
Issue certificate of VPS host still used after SSL configuration for newly added domain
Replies
4
Views
577
deepnpisgah
D
P
Issue Error: "Unable to find row with id 0 in certificates table." when adding new self-signed certificate
Replies
0
Views
1K
pleshk
P
TimReeves
Resolved Webmail - PHP not working, file downloaded not executed
Replies
2
Views
2K
aslotta
aslotta
DerDanilo
Issue Let's Encrypt and "Assign the certificate to mail domain" problems and AutoDiscovery issues caused by this
Replies
7
Views
3K
Kaspar
K
Bitpalast
Forwarded to devs Upon removal of domain that uses SSL on mail SNI, the conf file is not removed leading to Dovecot fatal error
Replies
3
Views
1K
IgorG
IgorG
Back
Top