Facebook
Twitter
E
EdwardDekker
Guest
Hi,
Last couple of months do I have some problem with my Plesk installation to enable SSL at a virtual host that also secures Plesk Panel.
My experience:
I select a installed SSL certificate to secure port 8443 that needs secure also a virtual host at the same domain. (Default VPS IP address are same as exclusive IP at my web-server). For this case have I installed the SSL Certificate outside virtual host at Plesk. The SSL Certificate will not showing properly for that domain as I enable SSL on virtual host and connect the IP an SSL certificate to this domain. When I disable the SSL settings on this virtual host than the certificate will appears correctly and the domain are secured and loading a page from /var/www/vhosts/default.
Problem:
A default SSL certificate loads a unsigned server-wide SSL certificate (vps1000.domain.tld) for virtual host when SSL certificate are not installed at the virtual host itself after enabling SSL certificate by IP address.
Solution/Recommendation:
1. Disable default Web-server (vps1000.domain.com) SSL certificate for a virtual host.
2. Load for all domains/virtual host his own SSL certificate that has installed at a virtual host itself. Otherwise use a SSL certificate from IP address (Tools & Settings -->> IP addresses).
3. If no SSL certificate selected from a IP or virtual host, Use a shared SSL certificate instead at Plesk Server ("Tools & Settings -->> SSL Certificates")
3.1. Plesk should now have 2 SSL certificates by default;
3.2. I want to suggest that the Server-wide SSL certificates are periodic extended by Plesk itself, this should also made by a automatic update for every year if the administrator doesn't make new certificates that expires before the expiration date. (This is an improvement for the safety of Plesk and all affected domains)
3.3. 1x SSL certificate for securing Plesk Panel, Web-server and Virtual Host at the same virtual domain. 1 exclusive IP address will become the default IP address of the VPS and Host. Maybe that Parallels have to add a help page at Plesk for this option to the administrator. Usually a new administrator starts with a (virtual)server for 1 shared and 1 exclusive IP and this should become a minimum requirement for Plesk.
3.4. 1x SSL certificate for shared domains and domains that haven't selected a SSL certificate at the IP addresses or virtual hosts. This by default and easy to switch to have more SSL shared certificates @ SSL Server Management and configurable at the IP addresses (Only for the root or admin).
Last edited by a moderator:
