1. Please take a little time for this simple survey! Thank you for participating!
    Dismiss Notice
  2. Dear Pleskians, please read this carefully! New attachments and other rules Thank you!
    Dismiss Notice

SSL Certificate....

Discussion in 'Plesk for Linux - 8.x and Older' started by JoeBoo, Jan 7, 2005.

  1. JoeBoo

    JoeBoo Guest

    0
     
  2. teknovision

    teknovision Guest

    0
     
    Buy SSL

    Have you purchased a certificate and installed it via the control panel? The server comes with a default certificate (or none).

    You can buy certificates from:
    http://www.google.com/search?q=ssl certificate

    Hope this helps?

    .//phil
     
  3. JoeBoo

    JoeBoo Guest

    0
     
    the certificate came with the server and i was lead to believe that i would not need to purchase another....
     
  4. Jason Lee

    Jason Lee Guest

    0
     
    There is no way to fix your current SSL certificate to change who it is owned by. Your going to need to buy your own certificate.

    They are pretty cheap now adays if you get them from the right place. I'm an authorized FreeSSL partner which provides extreamly well priced SSL certs that are compatable with 99% of all browsers. My basic cert is $45 CAD. Check out my site for more details. www.omegaserv.com
     
  5. Redah

    Redah Guest

    0
     
    You don't -have- to buy another, the certificate you now have is auto-generated by Plesk and will function just like any other SSL certificate.

    However, Plesk is not a 'trusted authority' in basically any browser, so whenever someone goes to your controlpanel they'll get a warning, saying that someone who is untrusted (plesk) made this certificate, and/or that the certificate name is not the same as the domain name. The only way to 'fix' this is to buy a SSL certificate. For just the Plesk login I'd recommend buying a StarterSSL certificate through ev1servers.net for only $9.99. (no this is no advertising).

    Scenario's:

    1. Plesk created a SSL certificate for yourbusinessdomain.com. Now, when someone logs into https://yourbusinessdomain.com:8443 they will only get a warning saying that Plesk is untrusted. If they choose to accept this, the session will still be secured.

    2. Plesk created a SSL certificate for yourbusinessdomain.com. Now, when someone logs into https://yourcustomerdomain.com:8443 they will get a warning saying that Plesk is untrusted, and that the name on the certificate doesn't match the domain name they entered. If they choose to accept these warnings, the session will still be secured.

    3. You bought a SSL certificate for yourbusinessdomain.com. Now, when someone logs into https://yourbusinessdomain.com:8443 they will not receive any warning. The session will be secured.

    4. You bought a SSL certificate for yourbusinessdomain.com. Now, when someone logs into https://yourcustomerdomain.com:8443 they will receive a warning that the name of the certificate doesn't match the domain name they entered. If they accept this, the session will still be secured.

    So, ideally, you'd want scenario 3 to happen. All the scenarios are just as secure, but scenario 3 looks the 'nicest'. Plesk itself doesnt have any way of forcing people to use yourbusinessdomain.com to login, though.

    However there is a way that I have used myself for quite sometime. In Plesk I have setup a domain called cp.mydomain.com. This domain redirects to https://mydomain.com:8443 and is hosted on a seperate IP. Now, with the help of a firewall, I have blocked all incoming traffic for port 8443 on the IPs that other sites are hosted on. So, customers are forced to use the cp.mydomain.com link. They will get the login screen, and the correct SSL certificate, so they don't see any errors. I also strongly believe that this leads to even more name branding (coupled with just my Company's skin and no other skins available in Plesk).

    Again, a StarterSSL certificate would be a cheap option for your certificate, and is available at less than retail from ev1servers.net.


    Hope this helps you in any way :)
     
Loading...