• If you are still using CentOS 7.9, it's time to convert to Alma 8 with the free centos2alma tool by Plesk or Plesk Migrator. Please let us know your experiences or concerns in this thread:
    CentOS2Alma discussion

Issue Let's Encrypt Certificate not in store

A

aspaceworm

New Pleskian
Server operating system version
latest
Plesk version and microupdate number
latest
I am subbed to shared Windows hosting on HostGator and need to get my site's certificate in my web app. I am trying to do it with the following code, but getting an error that no certs can be found:

var x509Store = new X509Store(StoreLocation.CurrentUser);

x509Store.Open(OpenFlags.ReadOnly);

var x509Certificate = x509Store.Certificates
.Find(
X509FindType.FindByThumbprint,
builder.Configuration["Config:AzureADCertThumbprint"],
validOnly: false)
.OfType<X509Certificate2>()
.Single();
x509Store.Close();
Click to expand...

To dig deeper, I wrote code to log all certificates in all stores to a file. There are a few Let's Encrypt certificates in there, but none have the thumbprint or name of my certificate. I've verified in browser that my certificate is the one being used. Any help here would be appreciated, thanks!
 
Considering it a shared Windows hosting solution I'm guessing you weren't the one who deployed Plesk which tells me that there's a chance that HostGator is using Centralized SSL certificate. You can refer to the following for a bit more information:

docs.plesk.com

(Plesk for Windows) Configuring Centralized SSL Certificate Support in Plesk

By default, SSL certificates are stored and managed locally on each Windows server. However, this practice has certai...
docs.plesk.com docs.plesk.com
learn.microsoft.com

IIS 8.0 Centralized SSL Certificate Support: SSL Scalability and Manageability

Version Notes IIS 8.0 Centralized SSL Certificate Support was introduced in IIS 8.0. IIS 7.5 Centralized SSL Certificate Support was not supported in IIS 7.5...
learn.microsoft.com
 
Btw, now that I was able to get my test VM going, the default location for certificates, assuming centralized SSL Certificate Support is enabled, would be located under the local machine's catalog under Web Hosting > Certificates
 
Even if Centralized SSL is enabled, shouldn't the certs show up in the store? I had heard, though, on Stack that Let's Encrypt's certbot does not add certs it creates to the store, which would mean I'd have to get the cert file by file path. This also presents a problem, because I don't have access to the whole filesystem because of the shared hosting. Am I just out of luck here?
 
If you're using Centralized SSL Certificate Support it will not be stored in the Microsoft Local Machine or User's Store since it's all files based at that point, similar to how Linux been doing it ages now.

And as I've mention, in my tests, assuming Centralized SSL Certificate Support is not in used, the certificate is stored in the local machine's certificate store under Web Hosting > Certificates. If you do not have full administrative permission to view the local machine certificate store then you will not be able to view it since it's stored under the local machine instead of the user's.
 
You must log in or register to reply here.

Similar threads

Azurel
Resolved Mail for "Let`s Encrypt certificates for ***** have been issued/renewed" missing?
Replies
2
Views
277
Azurel
Azurel
D
Issue can only create webmail certificates
Replies
1
Views
385
deepnpisgah
D
X
Question Issue/Renew Let's Encrypt certificate if site is behind cloudflare
Replies
8
Views
3K
Harun
Harun
Hangover2
Forwarded to devs SSL It! breaks renewal and usage of Let's Encrypt wildcard certificates when subdomains are involved
2
Replies
28
Views
6K
marcoherzog
M
D
Issue Lets Encrypt Not Successful over port 80
Replies
8
Views
374
Daiv
D
Back
Top