Input The SSL It! extension

[AYamshanov]

Server operating system version

Ubuntu 22.04

Plesk version and microupdate number

Plesk Obsidian 18.0.49

Hi,

Can't find a general topic about the "SSL It!" extension for discussing new features (and collecting feedback or bug-reports if any). Let me create it.

In January 2023, SSL It! has been released with the new main screen (server-wide, available only for Plesk Admins), which offers a bird's view of all domains, installed certificates (if any), the certificates' expiration dates, and certificate authorities. It is now also possible to filer domains by status (valid, expired, self-signed, and so on) and certificate authority.


...despite the fact that the screenshot contains only certificates from Let's Encrypt, the extension also shows required information for paid certificates if they are installed and configured for domains...

Have you already had a chance to see how it works? Do you have any feedback/ideas what should be changed or improved?

 

[Kaspar]

That's a useful addition to the SSL it! extension. Thank you. It would be nice if the SSL it! main screen could be accessed via a link on the Tools & Settings page where it's easier to find (IMHO).

As for other new features and improvements I feel these two ideas would be great additions too.

1. Option to enable or disable automatic issue SSL certificate per domain (instead of per subscription)
   I know this idea has only one vote. But I suspect this would be useful to quite some users, especially to those who use Plesk and also use external web services like Wix or Squarespace.
   
   
2. This second feature ties in with the first feature I mentioned. An option to secure the mail.<exmaple.com> sub domain for mail purposes instead of the primary domain for users who use CouldFlare or similar proxy services. Or for users who use external services for their website like Wix or Squarespace. There is acceptable workaround for this use case, but an out of the box solution would be even beter.

 

[AYamshanov]

Thank you, Kaspar, for the feedback, nice to hear that and I will share it with developers.

Regarding adding a link to the Tools & Settings, I agree that it helps to easier to get an access to the list of certs. And the same time, the page already has a lots of links and need to be accurate with adding new. Nevertheless, Plesk provides such type of customization and it possible to add such links on the Plesk without additional development on Plesk side,

• Creating Custom Buttons

For the next few months we do not have plans to improve SSL It!. And unfortunately, it is hard to increase priority for idea with 1 vote in a year when on the UserVoice we have lots of ideas that have more voices.

 

[geneseo2023]

Thank you, Kaspar, for the feedback, nice to hear that and I will share it with developers.

Regarding adding a link to the Tools & Settings, I agree that it helps to easier to get an access to the list of certs. And the same time, the page already has a lots of links and need to be accurate with adding new. Nevertheless, Plesk provides such type of customization and it possible to add such links on the Plesk without additional development on Plesk side,

• Creating Custom Buttons

View attachment 22522 View attachment 22521


For the next few months we do not have plans to improve SSL It!. And unfortunately, it is hard to increase priority for idea with 1 vote in a year when on the UserVoice we have lots of ideas that have more voices.

I'm on Plesk 18.0.49, connecting via MacOS 13.2.1. I also have the experience described below when connecting via Ubuntu Linux LTS. I installed my original Let's Encrypt certificate a few years ago using the Let's Encrypt extension. I set it up to renew automatically, but it has never done so. However, in the past I have successfully renewed it manually using the Let's Encrypt extension. Since the extension was pulled into SSL It! I've had great difficulty renewing my certificate manually. Whether looking at the extension in Firefox, Chrome, or Safari, I see no way to renew. This has happened to me a few times, and in each case, after going to the extension repeatedly over multiple days, at some point a button and instructions would show up to renew. My certificate is set to expire in under 20 days, but this time around, after repeated attempts, I still don't see any way to renew manually. SSL It! documentation says that it's possible to renew certificates manually but provides no instructions on how to do so. Additionally, command-line documentation explains how to issue a new certificate but not how to renew an existing one. In Ubuntu, I've tried both Chrome and Firefox. Same result every time. No instructions or mechanism for renewing my existing Let's Encrypt certificate. My site is [redacted]. Thanks for any help you can offer.

 

[Peter Debik]

@geneseo2023:
1) Login to your subscription.
2) Click "Websites & Domains" in the menu.
3) In "Security" click "SSL/TLS Certificates".

4) Click Button "Reissue Certificate"

5) Click Button "Install"

6) Check desired options and click button "Get it Free"

 

[geneseo2023]

Thank you! It was my understanding that there's a difference between renewing and reissuing a certificate, so I've been hesitating to click that "Reissue certificate" button. Reissuing revokes the existing certificate and replaces it with a new one, right? If that's not a problem, I can go that route. In the past, when I would manually renew from the Let's Encrypt extension, I had to add a new acme challenge TXT record to my DNS file. Perhaps I was reissuing all along, not really renewing?

 

[geneseo2023]

@Peter Debik I followed your instructions and succeeded in renewing the certificate. Thanks again!