• We value your experience with Plesk during 2024
    Plesk strives to perform even better in 2025. To help us improve further, please answer a few questions about your experience with Plesk Obsidian 2024.
    Please take this short survey:
    https://pt-research.typeform.com/to/AmZvSXkx
  • The Horde webmail has been deprecated. Its complete removal is scheduled for April 2025. For details and recommended actions, see the Feature and Deprecation Plan.
  • We’re working on enhancing the Monitoring feature in Plesk, and we could really use your expertise! If you’re open to sharing your experiences with server and website monitoring or providing feedback, we’d love to have a one-hour online meeting with you.

Question Obtain Letsencrypt flag "Select what else can be secured" from database

M

mr-wolf

Silver Pleskian
Plesk Guru
I would like to issue an SQL-command that shows me all the domains that has the flag "Select what else can be secured" not selected.
It seems several clients are getting into troubles because of this.

Even when the website is not using it, Microsoft's Outlook mail settings discovery can stumble over it because it checks the https://www.<domain> before it checks the server set with an SRV-record and shows a certificate error now and then...


I can't seem to find where this flag is stored in the database :(
 
Last edited:
You can enable Plesk debug mode and try to find related SQL query in panel.log when you select or unselect this option.
 
Hi Igor, thanks for this hint...
I tried this and have been looking at those logs for quite a while, but I can't see where that flag is.
It's not that it only updates that flag.
It is doing a lot of stuff.

Would it be possible to ask one of the technicians?
This would be really valuable information for me and others.

I can return the favour to the community by writing and publishing a script here that enables all Plesk users to do the same.

I have written several scripts that checks configurations.
An example is a script that shows all domains that have mail enabled whilst the MX-records in fact point to another server.
Or setting all TTL records to the default values when they are set different.
 
Developers have informed that these flags are not stored in the database, but are parsed on the fly from certificates. They offered a script that does it.
 

Attachments

  • cert.php.zip
    3.9 KB · Views: 2
Thanks Igor and thanks to them....

Here's how I get a list of "1 dot domains" that don't have WWW set using that script:

php cert.php | grep -B1 'Has WWW.*No' | grep -v '\..*\.' | grep ^Domain

Having that list of domains I could then correct all the domains on that server.

Thanks :)
 
You must log in or register to reply here.

Similar threads

marvin
Issue IMAP requires security certificate? Maybe?
2 3
Replies
40
Views
5K
Peter Debik
P
C
Issue DKIM and SPF do not align with RFC5322. Then DMARC result is fail.
Replies
2
Views
2K
cmartinez127
C
J
Resolved How do I access a database dump from a backup?
Replies
4
Views
3K
Janus Bahs Jacquet
J
I
Question Problems with Email certificate renewal - seems linked to changes in SNI support
Replies
0
Views
3K
iainh
I
DerDanilo
Issue Let's Encrypt and "Assign the certificate to mail domain" problems and AutoDiscovery issues caused by this
Replies
7
Views
3K
Kaspar
K
Back
Top