• Please be aware: Kaspersky Anti-Virus has been deprecated
    With the upgrade to Plesk Obsidian 18.0.64, "Kaspersky Anti-Virus for Servers" will be automatically removed from the servers it is installed on. We recommend that you migrate to Sophos Anti-Virus for Servers.
  • The Horde webmail has been deprecated. Its complete removal is scheduled for April 2025. For details and recommended actions, see the Feature and Deprecation Plan.
  • We’re working on enhancing the Monitoring feature in Plesk, and we could really use your expertise! If you’re open to sharing your experiences with server and website monitoring or providing feedback, we’d love to have a one-hour online meeting with you.

Resolved Secure Plesk with an SSL/TLS certificate

LordLiverpool

LordLiverpool

Basic Pleskian
Hello Plesk,

When I goto to my server I'm greeted by the Chrome certificate error screen.
01 Plesk Certificate [marked].png

Upon logging in Security Advisor tells me to secure my server with an SSL certificate.
02 Plesk Certificate [marked].png

But when I try to install the LetsEncrypt certificate on my AWS Lightsail Server.
03 Plesk Certificate [marked].png

I get an error message to say my domain is probably blacklisted.
04 Plesk Certificate [marked].png

Is there a workaround for this? Should I contact LetsEncrypt or am I wasting my time?

Thanks in advance.
 
@IgorG Thanks for replying. :)
  1. I followed your link to Cannot issue Let's Encrypt certificate in Plesk: Error creating new authz :: Policy forbids issuing for name
  2. Which lead me to  How to secure a Plesk hostname on port 8443 with an SSL certificate (Let's Encrypt / other certificate authorities)
  3. Step 5 said Note: The hostname/domain name must be resolved to a public IP address of the Plesk server from the Internet.
  4. When I looked up my servers name on MxToolBox it resolved to a different IP address.
  5. I tried installing the certificate anyway, but no surprises it was refused.
Is there a workaround to this?

The attached images tell a better story.

Thanks very much.
 

Attachments

  • Plesk 01 [marked].png
    Plesk 01 [marked].png
    24.9 KB · Views: 8
  • Plesk 02 [marked].png
    Plesk 02 [marked].png
    71.6 KB · Views: 8
  • Plesk 03 [marked].png
    Plesk 03 [marked].png
    77.7 KB · Views: 7
As you can see there are different IPs. Is IPs 34.256.xxx and 18.203.xxx belongs to the same server? Why there are different IPs?
 
I don't know why?!? Sorry.

I understand that my Plesk Server needs a static IP address to resolve the DNS for the websites hosted on it.
I had to explicitly ask for a static IP address and I'm billed monthly by AWS for the privilege.

I was expecting its name ec2-xxx-xxx-xxx-xxx.eu-west-1.compute.amazonaws.com to resolve to IPs 34.256.xxx ?!?
What am I misunderstanding here?

(see image attached)

Thanks very much.
 

Attachments

  • Plesk AWS Lightsail with Static IP [marked].png
    Plesk AWS Lightsail with Static IP [marked].png
    75.5 KB · Views: 5
I opened a thread and found a solution.

Thread Here:
community.letsencrypt.org

Could not issue a Let's Encrypt SSL/TLS certificate for AWS Lightsail Plesk Server

@_az Thanks for the heads-up on this. I will now rename my server to something more meaningful. Cheers.
community.letsencrypt.org community.letsencrypt.org

Solution Here:
support.plesk.com

How to secure a Plesk hostname on port 8443 with an SSL certificate (Let's Encrypt / other certificate authorities)

Applicable to: Plesk for Linux Plesk for Windows Question How to secure a Plesk hostname on port 8443 with an SSL certificate (Let's Encrypt / other certificate authorities)? Answer Securi...
support.plesk.com support.plesk.com

Specifically this comment helped me understand what to do:

After assigning a Let’s Encrypt certificate to a subdomain just go to Tools & Settings > SSL/TLS Certificates

Find the option Certificate for securing Plesk and click on [Change] button right to it.

Choose the certificate assigned to subdomain and click OK .
Click to expand...

04 Comment.png

Maybe Step4 of the instructions could be updated as it wasn't clear (to me) as to what to do.

OK so the answer was to use a Let's Encrypt certificate I had successfully issued to one of the domains hosted on my server.
And then use that certificate to secure my server (and the mail)

01 Assigned [marked].png

I used a domain that I owned rather than a client's domain.

02 Secured [marked].png

So now I no longer access the server insecurely via its IP address i.e. http://xxx.xxx.xxx.xxx:8443
but instead securely like so: https://example.com:8443

05 Secure Login [marked].png

See images attached.

Thanks very much.
 
You must log in or register to reply here.

Similar threads

R
Issue SSL/TLS cert for mail server not updating (Lets Encrypt)
Replies
2
Views
890
tessa67
T
M
Issue SSL certificate to secure Plesk IP address issue (Not Lets Encrypt)
Replies
5
Views
752
Kaspar@Plesk
Kaspar@Plesk
defcon8
Issue SMTP SSL Certificate Expired
Replies
2
Views
599
defcon8
defcon8
D
Question Renewing Let's encrypt automatically
Replies
3
Views
494
Kaspar
K
P
Resolved PLESK 18.0.60 Problems to configure mails / Certificates, etc.
Replies
8
Views
760
mow
M
Back
Top