1. Please take a little time for this simple survey! Thank you for participating!
    Dismiss Notice
  2. Dear Pleskians, please read this carefully! New attachments and other rules Thank you!
    Dismiss Notice
  3. Dear Pleskians, I really hope that you will share your opinion in this Special topic for chatter about Plesk in the Clouds. Thank you!
    Dismiss Notice

How to override a stuck default SSL certificate

Discussion in 'Plesk for Linux - 8.x and Older' started by Highland, Aug 11, 2006.

  1. Highland

    Highland Guest

    I got tired of Plesk 8's inability to properly assign a SSL certificate so I have a workaround for those of you who want one. This fix works for both subdomains and base TLDs.

    1. Add your SSL certificate to Plesk. Make sure it is properly installed and recognized by Plesk. Also be sure your domain/subdomain is enabled for SSL.
    2.Do the following in SSH
    #ls -la /usr/local/psa/var/certificates
    Take note of the file with today's date and copy it (to copy in Putty just highlight it). Paste this somewhere for now (I opened Notepad)
    3. Go to /var/www/vhosts/domains.com/conf and open httpd.include in your text editor. Find the section that describes your domain or subdomain. It will start with
    Copy everything between (and including) the <IfModule mod_ssl.c> tags.
    4. Head over to your /etc/httpd/conf.d directory. Make a file name like z0-subdomain.conf You can name it whatever you like provided you have the z0 at the start and a .conf extension. It needs to be loaded last but before zz010_psa_httpd.conf
    5. Paste your block from step 3 into this file using a text editor. Once it's pasted look for this line
    This is the file that currently loads when you go to https://sub.domain.com. Remember your file copy I told you to paste from step 2? Copy that and paste it over the certxxxxxx file name. Save your file.
    6. Restart apache.
    if you've done this correctly Apache should restart with no errors and your SSL cert should be the one you added in step 1. If Apache fails to restart check the file and make sure you copied everything and that all the tags have matching closing tags.
  2. grimbergen

    grimbergen Guest

  3. mortimermouse

    mortimermouse Guest

    Didn't work for me, but this did....

    I also had a default cert "stuck"... site was setup on exclusive IP... real cert was installed correctly... but site kept using the "default" cert.

    Went to site > Setup. In my drop-down list of available certs to use, I had two: Site1 and Site2.

    Site1 was selected as it should have been, so just for kicks, I changed it to Site2, which was already working correctly on that site. Then reloaded the secure webpage on the website itself, and viewed details of the cert. LO and behold, it was correct.

    So I went back and changed Plesk to use Site1 again, and the website stayed the same... stayed correct.

    Just needed to be toggled I guess...
  4. grimbergen

    grimbergen Guest

    Cool... the problem for me is that I only have 1 IP and 1 site so i couldn't toggle.
  5. psingh

    psingh Basic Pleskian

    Dec 15, 2007
    Likes Received:
    i cannot run any service related command : " #service httpd restart "

    i get following return :

    [root@ip-myIP admin]#
    [root@ip-myIP admin]# service httpd restart
    bash: service: command not found
    [root@ip-myIP admin]#

    I wonder why can't i user "service " command : do i need to enable something ? ?
    Last edited: Nov 11, 2009
  6. Pagemakers

    Pagemakers Silver Pleskian

    Dec 19, 2007
    Likes Received:
    Highland. Brilliant.

    I would have got it 4 hours ago but I was typing 0 instead of O.

  7. petrocket

    petrocket Guest

    Another solution...

    I had a similiar problem where the certificate wouldn't "take" on the main domain. I had to switch the domain to a different ip - then the certificate worked and I switched it back to the origional ip.

    Also for the subdomain on this site I used Highlands brilliant solution so that a child subdomain could use a different certificate than the parent domain. I called Plesk support and they said there is no way to do this in Plesk yet, but that it should be a feature of Plesk 9.0