• Our team is looking to connect with folks who use email services provided by Plesk, or a premium service. If you'd like to be part of the discovery process and share your experiences, we invite you to complete this short screening survey. If your responses match the persona we are looking for, you'll receive a link to schedule a call at your convenience. We look forward to hearing from you!
  • We are looking for U.S.-based freelancer or agency working with SEO or WordPress for a quick 30-min interviews to gather feedback on XOVI, a successful German SEO tool we’re looking to launch in the U.S.
    If you qualify and participate, you’ll receive a $30 Amazon gift card as a thank-you. Please apply here. Thanks for helping shape a better SEO product for agencies!
  • The BIND DNS server has already been deprecated and removed from Plesk for Windows.
    If a Plesk for Windows server is still using BIND, the upgrade to Plesk Obsidian 18.0.70 will be unavailable until the administrator switches the DNS server to Microsoft DNS. We strongly recommend transitioning to Microsoft DNS within the next 6 weeks, before the Plesk 18.0.70 release.
  • The Horde component is removed from Plesk Installer. We recommend switching to another webmail software supported in Plesk.

Question SSL Problem - Server Certificate

T

TobiasGo

New Pleskian
Hi,

on ssl labs, certificates are degraded to B in case of a problem with the server certificate:

The Certificate in #2 is outdated since 2 yeas and 3 months.

How to update this certificate?



Certificate #2: RSA 2048 bits (SHA256withRSA) No SNI
collapse.png

icon-certificate.png

Server Key and Certificate #1
https://www.ssllabs.com/ssltest/get...222b58a366a60a7c4c05d1e86e&time=1593586813181
SubjectPlesk
Fingerprint SHA256: 8b2df1e92705d653b0757c7b9bb4a680c6341d21b84c90353056be20c4b8ef32
Pin SHA256: 5Aof20Yqfs5o3LmX1ZiSeuVqoWsdyFkR+N0lY+Uf6mY=
Common namesPlesk
Alternative names- INVALID
Serial Number58b87a94
Valid fromThu, 02 Mar 2017 20:03:32 UTC
Valid untilFri, 02 Mar 2018 20:03:32 UTC (expired 2 years and 3 months ago) EXPIRED
KeyRSA 2048 bits (e 65537)
Weak key (Debian)No
IssuerPlesk Self-signed
Signature algorithmSHA256withRSA
Extended ValidationNo
Certificate TransparencyNo
OCSP Must StapleNo
Revocation informationNone
TrustedNo NOT TRUSTED
Mozilla Apple Android Java Windows

icon-certificates.png

Additional Certificates (if supplied)
https://www.ssllabs.com/ssltest/get...222b58a366a60a7c4c05d1e86e&time=1593586813181
Certificates provided1 (833 bytes)
Chain issuesNone

icon-chain.png

collapse.png
Certification Paths
MozillaAppleAndroidJavaWindows
Path #1: Not trusted (path does not chain to a trusted anchor)
https://www.ssllabs.com/ssltest/get...05d1e86e&time=1593586813181&id=1&trustStore=5
1Sent by server
Not in trust store		Plesk Self-signed
Fingerprint SHA256: 8b2df1e92705d653b0757c7b9bb4a680c6341d21b84c90353056be20c4b8ef32
Pin SHA256: 5Aof20Yqfs5o3LmX1ZiSeuVqoWsdyFkR+N0lY+Uf6mY=
RSA 2048 bits (e 65537) / SHA256withRSA
Valid until: Fri, 02 Mar 2018 20:03:32 UTC
EXPIRED
 
Or is it possible to deactivate this Server Certificate?
On SSLLabs it is a problem, with the second certificate, in case of missmatch in servername.
 
You must log in or register to reply here.

Similar threads

D
Resolved Let's Encrypt Certificate missing domain name
Replies
2
Views
440
davorg
D
N
Issue Plesk Hostingpanel SSL Certificate Appearing in SSL Test for My Domain
Replies
4
Views
692
learning_curve
learning_curve
K
Resolved Plesk panel update fails with "certificate has expired"
Replies
3
Views
557
Sebahat.hadzhi
Sebahat.hadzhi
R
Issue Problems Issuing a Let's Encrypt Certificate
Replies
6
Views
890
Robin McDermott
R
QWeb Ric
Issue Server pool SSL not showing for selection
Replies
0
Views
370
QWeb Ric
QWeb Ric
Back
Top