• If you are still using CentOS 7.9, it's time to convert to Alma 8 with the free centos2alma tool by Plesk or Plesk Migrator. Please let us know your experiences or concerns in this thread:
    CentOS2Alma discussion

Resolved plesks mail server cert will not update

T

TomBoB

Regular Pleskian
mail server cert seems to be stuck on the default parallels cert. and cannot be updated.

Done hte tools & settings , etc as per https://support.plesk.com/hc/en-us/articles/115000179934 which shows it SHOULD use the lets encrypt cert. however it is still on parallels default.

Tried to set the mail servers cert as per How to secure Plesk and mail server with Let's Encrypt certificate via CLI? and that didn't help either.

email clients stilll are served the default parallels cert.
And a
Code: 
openssl s_client -showcerts -connect proper.hostname.com:995

still results in
Code: 
CONNECTED(00000003)
depth=0 C = US, ST = Virginia, L = Herndon, O = Parallels, OU = Parallels Panel, CN = Parallels Panel, emailAddress = [email protected]
verify error:num=18:self signed certificate
verify return:1
depth=0 C = US, ST = Virginia, L = Herndon, O = Parallels, OU = Parallels Panel, CN = Parallels Panel, emailAddress = [email protected]
verify error:num=10:certificate has expired
notAfter=Dec  1 12:04:42 2016 GMT
verify return:1
depth=0 C = US, ST = Virginia, L = Herndon, O = Parallels, OU = Parallels Panel, CN = Parallels Panel, emailAddress = [email protected]
notAfter=Dec  1 12:04:42 2016 GMT
verify return:1
---
Certificate chain
 0 s:/C=US/ST=Virginia/L=Herndon/O=Parallels/OU=Parallels Panel/CN=Parallels Panel/[email protected]
   i:/C=US/ST=Virginia/L=Herndon/O=Parallels/OU=Parallels Panel/CN=Parallels Panel/[email protected]

any idea what else I can try to get Plesks mail server recognise the proper cert instead the original; default?

Cheers,
Tom
 
Please check your panel.ini file if it contains

[ext-letsencrypt]
key-algorithm = ECDSA
ecdsa-curve-name = prime256v1 ; can be omitted

The ECDSA certificates cannot be handled by the mail certificate setting. You need to remove ECDSA algorithm, then re-generate the certificate. It will then work again.
 
Hi Peter,

you're a star! Nailed it! Thanks for the help!!

I actually read the lets encrypt extension forum which makes it quite clear - however being down with Hepatitis A, I forgot it as quickly as I read it...

A big thanks again,
Tom
 
You must log in or register to reply here.

Similar threads

Endre
Issue Unable to access the remote backup storage using SFTP
Replies
6
Views
1K
Endre
Endre
M
Resolved Server Error 500 Plesk\Exception\Database
Replies
2
Views
1K
mrcx
M
N
Issue 2 Plesk servers, 1 domain.
Replies
2
Views
722
nalayh
N
We are Borg
Issue FTP Storage Settings Password not filled in
Replies
11
Views
3K
We are Borg
We are Borg
Epic Voyage
Issue PHP imap_open + ADDTrust External CA Root Expiration
Replies
1
Views
2K
Epic Voyage
Epic Voyage
Back
Top