• Our team is looking to connect with folks who use email services provided by Plesk, or a premium service. If you'd like to be part of the discovery process and share your experiences, we invite you to complete this short screening survey. If your responses match the persona we are looking for, you'll receive a link to schedule a call at your convenience. We look forward to hearing from you!
  • We are looking for U.S.-based freelancer or agency working with SEO or WordPress for a quick 30-min interviews to gather feedback on XOVI, a successful German SEO tool we’re looking to launch in the U.S.
    If you qualify and participate, you’ll receive a $30 Amazon gift card as a thank-you. Please apply here. Thanks for helping shape a better SEO product for agencies!
  • The BIND DNS server has already been deprecated and removed from Plesk for Windows.
    If a Plesk for Windows server is still using BIND, the upgrade to Plesk Obsidian 18.0.70 will be unavailable until the administrator switches the DNS server to Microsoft DNS. We strongly recommend transitioning to Microsoft DNS within the next 6 weeks, before the Plesk 18.0.70 release.
  • The Horde component is removed from Plesk Installer. We recommend switching to another webmail software supported in Plesk.

SSL certificate problems

P

Pauli Jokela

Guest
Hey all,

I'll go right out and tell you the domains I currently use with Plesk, as it'll be easier that way.
I'm trying to use the same SSL certificate for both Plesk and my main domain/site, just can't seem to do it.

I'm running Plesk on a GoDaddy VPS, which for some reason restores it's hostname back to the original everytime I change it.

So, the problem is that I've set up a certificate for didstopia.com, but at the moment https://didstopia.com does NOT have a valid certificate, while https://didstopia.com:8443 does.

Thing is, I set didstopia.com's SSL certificate as the default one, as I can't seem to change any of my domain's certificates, none.

The domain/hostname that the VPS keeps resetting to is ip-97-74-126-69.ip.secureserver.net, so for example, if I log out of https://didstopia.com:8443, I'll be redirected to https://ip-97-74-126-69.ip.secureserver.net:8443.

Same thing kinda happens when I log in to Plesk, as the top of the page is using the right (didstopia.com's certificate) while the bottom is using the self-signed certificate.

Either Plesk is royally screwed on this box, or I've missed something.

I appreciate all the help, so please, even if it's just a tip, share it with me.
 
You need to check that domain specified uses dedicated IP address and not shared one.
In case these requirements are met but the issue is still there, it most likely means that changes for some reason were not applied. Please run websrvmng --reconfigure-vhost --vhost-name=<domain.tld>
binary is located in %plesk_bin% on Windows OSor in /usr/local/psa/admin/sbin on Linux OSes.
 
I've tried reconfiguring the virtual host now, let's see if that helps.

Also, I had forgotten about the exclusive/dedicated IP address part, that's now fixed too.

I'm now able to choose SSL certificates for the domain didstopia.com, but, can I use one SSL certificate for all https traffic on didstopia.com aswell as Plesk? Since Plesk seems to be able to use the same SSL certificate, but it also seems to be using it's own self-generated cert.

You'll notice it if you try to visit https://didstopia.com:8443, how the actual index part of the site is using the correct SSL certificate, but the content (lower) part isn't.
 
Oh, one more thing.

I noticed that it's the port 11444 that's using the self-generated SSL certificate, but obviously, it should be using the one that I've specified for Plesk, no?

See here: https://didstopia.com:11444/
 
Bumping this up, since this is rather crucial for my business. :)
 
Hello Pauli,

TCP 11444 port is used by Single Sign-On service in Plesk 9.2.1. The folowing Knowledge Base article contains some information on the subject:

[How to] How to install custom SSL certificate on SSO server?
http://kb.odin.com/en/6138

Regards,
Denis
 
Still no replies, so I'll just post an update to this.

Now, it would seem that the "Secure Control Panel" button sets the specified SSL cert as the default for the web-interface on port 8443, but NOT on the relay port 11444. This is either a bug, or I'm doing something wrong here?

Is there a way to manually swap out the self-signed certificate with my own, so that I can finally secure Plesk and get things started?
 
Solved the SSL problems!

I fixed it, finally!

I'll put up the solution here for anyone who's also experiencing this problem.

All I had to do was run these commands to get the certs and correct hostnames working:

/usr/local/psa/bin/server_pref --update -hostname <new hostname>
/usr/local/bin/sso -s -server https://<new hostname>:11443 -url https://<new hostname>:11444

Easy as pie, just wish I'd known about that before. FYI, I also disabled SSO completely (/usr/local/bin/sso --disable).
 
You must log in or register to reply here.

Similar threads

C
Question Plesk Login for Customers over Subdomain with Certificate.
Replies
2
Views
284
cpulove
C
Polli
Issue Mails only possible with a wildcard certificate
Replies
5
Views
573
Polli
Polli
M
SSL certificate renewal, every 3 months? / Renovación de certificado SSL, cada 3 meses?
Replies
2
Views
979
Raul A.
R
V
Issue Plesk SSL certificate clear
Replies
1
Views
367
Sebahat.hadzhi
Sebahat.hadzhi
D
Resolved Let's Encrypt Certificate missing domain name
Replies
2
Views
455
davorg
D
Back
Top