• Please be aware: Kaspersky Anti-Virus has been deprecated
    With the upgrade to Plesk Obsidian 18.0.64, "Kaspersky Anti-Virus for Servers" will be automatically removed from the servers it is installed on. We recommend that you migrate to Sophos Anti-Virus for Servers.
  • The Horde webmail has been deprecated. Its complete removal is scheduled for April 2025. For details and recommended actions, see the Feature and Deprecation Plan.
  • We’re working on enhancing the Monitoring feature in Plesk, and we could really use your expertise! If you’re open to sharing your experiences with server and website monitoring or providing feedback, we’d love to have a one-hour online meeting with you.

Question SSL activation failure

M

MattJ

New Pleskian
Hi Guys,

Hope you could help shed some light.

I'm running a Plesk CloudLinux server and I'm having trouble activating SSL's via the Lets Encrypt.

SSL IT! informs me the SSL has been installed correctly however upon reviewing the domain on the browser level it returns the following insecure errors:
NET::ERR_CERT_COMMON_NAME_INVALID

Hoping you can assist
Matthew J
 
Hi Peter,

Thanks for your reply

Yes, I have ticked www. subdomain as well as webmail. however, all including the naked domain still return an insecure error.
 
Is the browser connecting to the correct server IP?
Is the correct certificate selected in "Hosting Settings" of the domain on that server where the browser connects to?
 
Hi peter correct,

Here is a worked example of a domain im looking into:
Domain - balancecompany.co.za
SSL Reissued as Lets Encrypt on the following www., webmail and balancecompany.co.za and specified on the hosting setttings.

The domain is propagated to the correct shared hosting IP as per the following A record lookup:
www.whatsmydns.net

DNS Propagation Checker - Global DNS Checker Tool

Instant DNS Propagation Check. Global DNS Propagation Checker - Check DNS records around the world.
www.whatsmydns.net www.whatsmydns.net

Hosting settings and SSL settings can be seen in the attached screenshot:

The apache error logs also return the following:

Warning		AH01909: balancecompany.co.za:443:0 server certificate does NOT include an ID which matches the server name
 

Attachments

  • Screenshot 1.png
    Screenshot 1.png
    66.7 KB · Views: 7
  • Screenshot 2.png
    Screenshot 2.png
    53.8 KB · Views: 7
From settings perspective, everything looks correct. Meanwhile, a wrong certificate is using, looks like it is a certificate for a server itself, see SSL Server Test: balancecompany.co.za (Powered by Qualys SSL Labs).

Is there possibility to select another certificate in the "Certificate" drop-down ("Screenshot 1")? Could it be a certificate with a wrong named (if it was renamed before)? The name is only the name, but it does not mean that it really contain a certificate for the domain with the same name.
 
Hi AYamshanov,

Thank you for your insight,

Yes, I can see from the above the SSL is assigned to the server hostname and not the subsidiary domain name.

From the certificate list my options are as follows:

I have also tested the default certificate without joy :(.

Regarding renaming nothing has been actioned to date.

The active SSL on the server are as follows:
 

Attachments

  • Screenshot 3.png
    Screenshot 3.png
    30.8 KB · Views: 6
  • screenshot4.png
    screenshot4.png
    79 KB · Views: 6
That is strange. As a quick test, I would recommend to re-issue a Let's Encrypt certificate for the domain, my expectation is web-servers configs are updated and a correct certificate will be used.

If it does not help, it is better to contact Plesk Support team to find a root cause (especially if it is a bug) to figure out steps to reproduce and create a bug-report with necessary details for further fixing.
 
You must log in or register to reply here.

Similar threads

L
Issue ( authorization token is unavailable ) Could not issue/renew Let`s Encrypt certificates
Replies
7
Views
349
Leta
L
Rendor9
Resolved I can't renew my plesk onyx interface SSL certificate.
Replies
4
Views
2K
Rendor9
Rendor9
J.Wick
Resolved Plesk 18.0.61 Login Problem w/ Google Auth/MFA & Cloudflare
Replies
16
Views
2K
svehei
svehei
W
Resolved SSL certificate error (multiple certificates)
Replies
9
Views
4K
webolot
W
Lenny
Resolved Seeking Assistance with API Communication Issues via SSL on Plesk
Replies
4
Views
2K
Lenny
Lenny
Back
Top