Plesk certificate expiring

[Rocky@]

Hey Cranky,

I cheer your spirit of willing to help. If we have more people like you on the Plesk forum, it will definitely have a future. But, can you see that many questions on this forum got unanswered? Please do try to help them also.

As I have told you before, I just got this Plesk box for the first time, setting up to get ready to transfer from the CPanel. I am lucky that this happens before I transfer my files.

This box is at EV1, so all I have to do is press a button to restore it to it's original state. Even though I don't enjoy going through all the updates and customizing that I have already done up to now, it is still better than spending another 10 hours or paying extra to Plesk to restore PSA.

Thanks for the help. I will definitly need your help soon to complete the setup to the point that I am confident enough to transfer from CPanel.

Sam

 

[Cranky]

The problem is I don't have the time to help everyone, and I don't have all the answers unfortunately. I stumbled across your post and thought I'd start arguing about CPanel which is why I ended up replying to you specifically.

A reinstall sounds best, but it may be worth troubleshooting the system yourself to help you out in future when you have clients on the system and hit a problem

 

[Rocky@]

You definitly would have to prove to me that Plesk is good! I am giving Plesk to the end of the month to prove that it is worth the switch. So far I am getting quite tired of it.

So, now my server is back to its primitive stage and now I am up2dating the RHE. Everything is up2date except Apache.

Could you teach me how to update Apache in RHE S3?

Sam

 

[SiMuL]

Hey Rocky!! I used to work for EV1, and I know all about the many problems that can happen!!

I'm not going to join an arguement so much as just say my opinion... CPanel is a great panel if you need FULL absolute access to the server (root) via a web GUI... Not necessary for most hosting applications. But sometimes you may need it.

Plesk on the other hand, is very simple, yet still extremely powerful, because of it's vast array of features and it's ease of use. It's also VERY easy to update and reinstall if necessary.

Which brings me to the very reason I replied in the first place...

Don't get a restore next time you need to reinstall Plesk (lets hope this doesn't happen. it's really not that problematic.. I've been running a couple plesk servers for over a year now, trouble-free) Plesk is VERY good about being reinstalled on top of itself... just login to sw-soft.com and go to the downloads section for plesk reloaded, download the lastest 'autoinstaller' for RedHat Enterprise ES3 (that should be what EV1 is still using). It's a shell script, download it to the server via SSH (as root) and type 'sh <name of file>' and it will start the install process, just answer all the questions it asks and you'll be on your way..

I've done this many times.. so if you don't feel confident enough to do so, please PM me and we might arrange something.. Again, this shouldn't be a problem in the future for you.. (so long as you got a stable server, hardware-wise with ev1) since you already got the restore..

In any event, good luck with your Plesk experience, I still recommend it for a very nice, easy to use hosting solution.

Cheers!

 

[Rocky@]

Thank you guys, for your enthusiasm and, maybe, bias toward Plesk.

I reinstalled and updated everything. Not with out glitches. had to rebuild DB a couple of times to get PSA work. The PSA autoupdate failed and had to fix something to get it work. You said updating Plesk was easy. I never had that kind of glitches updating CPanel. Maybe just my freaking bad luck with Plesk!

Now the last thing I installed was Sitebuilder. Boy, it didn't go smoothly either. I had to hunt for a couple of dependent rpms and MySQL didn't restart and so on.

Now I have a question that I posted at the following link, since this is unrelated topic:

http://forum.sw-soft.com/showthread.php?s=&postid=102410#post102410

Thanks, SiMuL for telling me that PSA is easy to setup. Since it came with my server, I never tried it so didn't think of attempting it. But it's good to know.

Good luck to you guys!

 

[Traged1]

Did we learn how to fix the problem originally posted in this thread before we went off topic?

################# SSL Certificate Warning ################

Certificate for plesk, in '/etc/httpd/conf/httpd.pem':

The certificate needs to be renewed; this can be done
using the 'genkey' program supplied with Red Hat
Enterprise Linux.

Browsers will not be able to correctly connect to this
web site using SSL until the certificate is renewed.

##########################################################
Generated by certwatch(8)

I am not using any plesk certificate.

I have a CA signed certificate installed to many IP's and I have set our CA cert as default as well as installing it into the PLESK control panel and I still have this SSL cert warning? It's like the Cert from hell, it won't go away, lol.

 

[tmonsen]

The /etc/httpd/conf/httpd.pem file is a certificate similar to the others served on your server. The only difference is that in this case the rsa key and certificate file are both in the same file.

You can generate a csr from the current key with:

openssl req -new -key httpd.pem -out server.csr

You could then take the server.csr file to you favorite certificate vendor and have a signed certificate setup, but it appears that the cert is used in the httpd.include file for the virtual host for /usr/share/psa-horde, however I have yet to find a url using certificate. This being the case you could just generate your own certificate:

openssl x509 -req -days 360 -in server.csr -signkey httpd.pem -out server.crt

You would then replace the httpd.pem files:
-----BEGIN CERTIFICATE-----
-----END CERTIFICATE-----

with the contents of server.crt (no trailing spaces)

restart apache and the file certificate will be updated. I'm interested to know how this certificate is being used, if anyone knows, I'd love to hear it.

(the '-days 360' can be specified as many days as you want, so if you find no problems replacing the certificate in this way you could really set it for a couple thousand days and not get a certificate expiring e-mail for several years)

 

[b-nut]

Has anyone tried this?

Has anyone followed these steps to fix the cert? I have 8 days left to fix it before my cert expires. This sounds reasonable, but I'd rather not mess things up to the point of requiring a re-install.

Please let us know if you have tried this method for updading the cert and what results you got.

 

[alex042]

We followed these as well as whatever other instructions we could find and even pulled our datacenter in to fix this and nothing worked until we rebooted.

 

[Traged1]

Instead of just restarting httpd, did you try restarting all plesk servers with

# /etc/init.d/psa stopall
# /etc/init.d/psa startall

??

 

[Traged1]

Oh ya you will need to also restart the PLESK server after that command with

# /etc/init.d/psa start
Or
# /etc/init.d/psa start1

 

[wellisch]

I experienced this same problem when the certificate I purchased through Plesk expired. I purchased a new certificate and installed it through Plesk without a problem but I was still getting the same error message.

There were two things I had to do to get rid of the problem which may not be obvious.

1. Go to Server -> Certificates

After installing the new certificate you have to click "set up" next to it so Plesk will use it.

2. Go to Server -> IP Addresses

Assign the new certificate to the appropriate IPs

That should do it!

 

[Jllynch]

Make sure you do the setup bit. That got me for a sec.

Australian Hosting