• Hi, Pleskians! We are running a UX testing of our upcoming product intended for server management and monitoring.
    We would like to invite you to have a call with us and have some fun checking our prototype. The agenda is pretty simple - we bring new design and some scenarios that you need to walk through and succeed. We will be watching and taking insights for further development of the design.
    If you would like to participate, please use this link to book a meeting. We will sent the link to the clickable prototype at the meeting.
  • (Plesk for Windows):
    MySQL Connector/ODBC 3.51, 5.1, and 5.3 are no longer shipped with Plesk because they have reached end of life. MariaDB Connector/ODBC 64-bit 3.2.4 is now used instead.
  • The Horde webmail has been deprecated. Its complete removal is scheduled for April 2025. For details and recommended actions, see the Feature and Deprecation Plan.

Resolved SSL issue for some visitors, but not all

pieterpost

New Pleskian
Server operating system version
Ubuntu 22.04
Plesk version and microupdate number
18.0.64_build1800241008.13
I have a difficult issue with my Plesk managed STRATO VPS and really need help. Whenever I visit the main domain with the OwnCloud site that is installed there, everything is just fine. Correct page, correct certificate. However, some visitors (not all) somehow get to the Plesk login screen and get the Let's Encrypt certificate for the Plesk environment, instead of getting to the OwnCloud login page. Or worse: their browser refuses the connection, because of the certificate domain mismatch (the plesk server has a *.plesk.page host name).

It is really hard for me to debug this issue, as I cannot reproduce it from my end and I am unsure where to look for debug information.

Here are some details:
- Plesk Obsidian v18.0.64_build1800241008.13 os_Ubuntu 22.04
- DNS is managed by STRATO

Under Tools & Settings > General Settings > Customize Plesk URL the "All domains and subdomains that resolve to the server IP address but are not used for hosting" setting is activated, when I choose "No custom URLs. Only https://<server-IP-or-hostname>:8443" the users that wrongly get directed to the Plesk login now get a "Not Found" Apache error. Could this be a hint? Is Apache unaware of the fact that the main domain should direct to the OwnCloud instance?

When I run the SSL Labs test I get a "Certificate not valid for domain name" for the IPv6 address, but for the IPv4 address I get A grade, all fine. Could this be a hint?

I really don't know here to look. Is it a SSL issue, is it an Apache issue? Where can I look to debug this? Where does the server keep logs whenever a user ends up with the wrong certificate?
 
"Certificate not valid for domain name" for the IPv6 address
I would start with this notice. Users who use IPv4 only and who can use IPv6 could see different results/answers from Plesk. It seems you have the IPv6 address. Is it configured on Plesk, and is it configured for a domain?

(the plesk server has a *.plesk.page host name).
It is good for starting, but as a long-term solution, I would recommend configuring a separate hostname for Plesk inside a domain you own, How-to-change-or-get-the-server-hostname-on-Plesk-server and protect it with SSL/TLS certificate as well, How-to-secure-a-Plesk-hostname-on-port-8443-with-an-SSL-certificate-Let-s-Encrypt-other-certificate-authorities.
 
Thanks, it turned out it was the IPv6 setting of the domain. I thought that adding the IP address in Tools & Settings > IP Addresses was enough, but apparently not
 
Back
Top