• Please be aware: Kaspersky Anti-Virus has been deprecated
    With the upgrade to Plesk Obsidian 18.0.64, "Kaspersky Anti-Virus for Servers" will be automatically removed from the servers it is installed on. We recommend that you migrate to Sophos Anti-Virus for Servers.
  • The Horde webmail has been deprecated. Its complete removal is scheduled for April 2025. For details and recommended actions, see the Feature and Deprecation Plan.
  • We’re working on enhancing the Monitoring feature in Plesk, and we could really use your expertise! If you’re open to sharing your experiences with server and website monitoring or providing feedback, we’d love to have a one-hour online meeting with you.

Resolved LetsEncrypt Plesk Hostname

M

MikeA

New Pleskian
Ever since I've used Plesk (12+) I've never been able to use the SecurityAdvisor LetsEncrypt extension to create a certificate for my server hostname that Plesk runs on. I've ignored this issue and just used the self-signed certificate since I rarely use the admin end, but I'd like to finally find a fix for my problem.

I just updated to the latest release, Onyx, hoping it would fix the issue since but nothing has changed.

Note: I'm not talking about website SSL, I'm referring to the actual server hostname to connect to Plesk admin interface.

br9bTmA.png


IQylcnh.png


Generating certificates for websites on the server works fine with the official LetsEncrypt extension, but using the SecurityAdvisor to generate hostname certificate always gives the error above. Does anyone else have this problem?
 
Hi MikeA,

your provided error - message indicates, that you don't have a subdomain created for your hostname ( as for example: server1.YOUR-DOMAIN.COM ). Due to the fact, that Let's Encrypt needs the documentroot "/var/www/vhosts/YOUR-DOMAIN.COM/server1.YOUR-DOMAIN.COM" to verify the challenge, you will certainly experience possible issues, if it isn't existent. Therefore I thought it might be a good idea to show you some additional alternatives with the mentioned link.

Another alternative than to create a subdomain "server1" at "YOUR-DOMAIN.COM", is to use DNS - entries fo verify the Let's Encrypt challenge. Pls. see as well one of myprevious posts here in the forum: =>
UFHH01 said:
...
To start, I assume, that you already installed a Let's Encrypt - certificate over the Plesk Control Panel, which includes at least the domain - name ( either with or without "www." ).
You should now visit

=> Free SSL Certificate Wizard and other SSL Tools @ ZeroSSL ( external link - pls. inform me, when the link goes dead, so that I might provide another working link here! )

... and insert the very same eMail - address that you already used, when you created your basic Let's Encrypt certificate. Insert your initial domain-name and the desired additional (sub.)domain - names at the provided text-box, accept the TOS and the Let's Encrypt SA and choose the option "DNS", followed by a click onto the NEXT - button. The next steps are fully explained in several languages ( EN | DE | FR | ES | RU ) and contain amongst other things the manual entries of TXT - DNS - entries at your primary nameserver(s) for the added (sub.)domains and after you waited a few minutes for DNS - synchronisation, the authorization will be done and the new certificate for all your desired (sub.)domain - names will be presented to you ( which you are even able to download, if you wish to ).
You are then able to either replace the existent certificate over your Plesk Control Panel, or you choose to manually add it at all necessary places, just like you added other ( self-signed, or brought ) certificates in the past. ;)

Hint: I choosed the option, to replace the existent certificate files at "/opt/psa/var/certificates/" and "/opt/psa/var/modules/letsencrypt/etc/live/YOUR-DOMAIN..COM" ( pls. notice, that these are symlinks here! ), in the hope that the automatic renewal - process will renew not only the previous, first certificate, but the new certificate, with all the additional (sub.)domain - names. I'm pretty sure, that my hope will not be sufficient enough :rolleyes: to reach that renewal - goal, but maybe the Plesk / Plesk-Let's Encrypt-Extension - developers find as well a working solution to add the choice for DNS - authorization, or find a way to add additional (sub.)domain - names over the Plesk Control Panel. ;)
Click to expand...
( Pls. visit: => #25 for the whole forum - post and possible other following issues/errors/problems and the depending suggestions. :) )

Additional note:
Pls. keep as well in mind, that the provided script "letsencrypt-hostname.sh" in the above mentioned forum - link is fully customizable, so you can as well modify the "webroot-path" to your very own, unique ( existent ) path, if you wish to. ;)
 
Last edited by a moderator:
@UFHH01 Thanks, after creating a sub-domain for the hostname then going back and using the SecurityAdvisor LetsEncrypt tool it did create a certificate for the admin interface port.
 
You must log in or register to reply here.

Similar threads

Fabian H
Question Best practice email setup
Replies
4
Views
1K
Kaspar
K
P
Question Sync SSL certificates between 2 servers
Replies
7
Views
729
Kaspar@Plesk
Kaspar@Plesk
B
Resolved Shared hosting with multiple domains SSL/TLS issues
2
Replies
20
Views
4K
bork
B
C
Resolved Mariadb not working - DB query failed: SQLSTATE[HY000] [2002] No such file or directory
Replies
7
Views
2K
Crash79797
C
M
Issue Letsencrypt not automatically updating certificate
Replies
0
Views
1K
mr-wolf
M
Back
Top