• If you are still using CentOS 7.9, it's time to convert to Alma 8 with the free centos2alma tool by Plesk or Plesk Migrator. Please let us know your experiences or concerns in this thread:
    CentOS2Alma discussion

Question How do I restore an SSL Certificate on a different server?

K

Kroptokin

Regular Pleskian
Server operating system version
AlmaLinux 9.3 (Shamrock Pampas Cat)
Plesk version and microupdate number
Plesk Obsidian Version 18.0.58 Update #1
I had to rebuild my Plesk system from scratch. I need to re-install a purchased SSL Certificate. I have all the bits - CSR, private key and all the issued bits. But I can't figure out how I can fully restore the Certificate including the CSR part. I can add the private key, crt and root certificate by doing 'Create New SSL' - but with this setup I get warnings about the SSL identity missing and the web site is unstable. This must be possible - otherwise how could you (manually) move a Certificate to a new server - but how?
 
There does not appear to be a way to do this through the interface. The only solution I can see is to go back to the provider and reissue the certificate. In my case both providers I use allow this. Luckily. (But it seems that this means there is in fact no point keeping your private key and CSR safe in case you lose your server because there is no way - via Plesk - to correctly reinstall the Certificate).

I would like to be wrong but it looks like this is an omission since the text on the UI clearly envisages doing just what I am trying to do - move a certificate from one server to another. It is just that it doesn't let you add the CSR and without that you get warnings in the server logs.
 
A CSR (= certificate signing request) is only needed to send the information you'd like to have signed to the trust center. Once you have the certificate there is no reason why you'd still need to have the signing request. You only need the certificate and the private key to use the certificate.
 
Hi Peter

Thanks. Once I had recreated my SSL based just on the Private Key file and the Certificate, by choosing Add New SSL and filling in what I had in the boxes, I was getting errors in the Apache logs:

AH01909: domain.com:443:0 server certificate does NOT include an ID which matches the server

I thought this was due to a missing CSR. But it seems it may be a different issue. (I was recreating the SSL on a subdomain - the error was in the parent domain error logs.). So - I am willing to believe what you say.

Nonetheless if anyone wants to recreate the SSL and use the CSR they can follow these steps. Incidentally, this has the advantage that it automatically selected the uploaded Certificate for the selected SSL Certificate in the Hosting section, (though not for subdomains with a wildcard Certificate).


The steps I did were as follows:

Dashboard
SSL/TLS Certificate
Reissue Certificate
Upload a file with a .pem extension which contains: the original CSR, the Private Key, the Certificate and the Root Certificate

So - this seems to be one way to do it.

So - thanks a lot for your advice.
 
You must log in or register to reply here.

Similar threads

W
Issue PositiveSSL not installed, but payed
Replies
1
Views
687
AYamshanov
AYamshanov
carlsson
Issue Mail on Plesk, web on other provider, how do I create a correct SSL?
Replies
2
Views
145
carlsson
carlsson
F
Question Going from a temporary plesk.page domain name to the actual domain name
Replies
6
Views
257
Kaspar
K
J
Issue Can't Reload or Cancel Let's Encrypt SSL/TLS Certificate
Replies
11
Views
2K
artalva
artalva
Lenny
Resolved Seeking Assistance with API Communication Issues via SSL on Plesk
Replies
4
Views
673
Lenny
Lenny
Back
Top