• If you are still using CentOS 7.9, it's time to convert to Alma 8 with the free centos2alma tool by Plesk or Plesk Migrator. Please let us know your experiences or concerns in this thread:
    CentOS2Alma discussion

Question "This site can’t provide a secure connection" in Chrome and Edge

R

rcacciato

New Pleskian
Our website generates this error in Chrome and Edge:

This site can’t provide a secure connection​

blue-iceberg.com sent an invalid response.


ERR_SSL_PROTOCOL_ERROR

What's odd is that it's fine in Safari and Firefox. When I run the SSL test in sslshopper.com, I get that it's OK (screenshot attached) but when I run a test on ssllabs.com we get an F (2nd screenshot). I have other sites that fail the OpenSSL Padding Oracle Vulnerability test and get an F but they work fine. I'd like to address this but the critical difference seems to be that this test shows "This site works only in browsers with SNI support." while the sites that are fine don't show that. How do I fix it? I don't see anything that addresses this in Plesk.

Thanks in advance.
 

Attachments

  • Screenshot 2023-11-22 at 12.35.58 PM.png
    Screenshot 2023-11-22 at 12.35.58 PM.png
    230.2 KB · Views: 7
  • Screenshot 2023-11-22 at 12.31.34 PM.png
    Screenshot 2023-11-22 at 12.31.34 PM.png
    182.3 KB · Views: 7
So I've been told that part of the problem is that our versions of Apache and OpenSSL are too old. I have been advised to update them on another discussion list (community.letsencrypt.org) but can't update these in Plesk. The server is running Plesk Onyx Version 17.8.11 Update #94. I thought that an upgrade to Plesk Obsidian would solve this but our hosting company, GoDaddy, is not willing to do this on our server yet. I'm angry because we used to host with Mediatemple which had good tech support but they were acquired by GoDaddy and we were migrated to a new server recently which I believe is the root of all these problems.

My question is: if I update Apache and OpenSSL manually via SSH, will that break Plesk Onyx or will things still be OK?
 
Can we assume that you are also on an unsupported operating system? What's the OS and version?
 
Thanks, AYamshanov. If I update Apache and OpenSSL via SSH, will it "break" Plesk Onyx? I don't think our hosting provider is open to an upgrade... Also will it leave the old versions of PHP in place? Thanks in advance.
 
Unfortunately, I can't guarantee anything just because CentOS6 is not supported, Plesk Onyx is not supported either, I do not know how exactly the server is configured. In this case, my recommendation is to plan a migration to up2date OS and Plesk with Plesk Migrator, to be honest.

If you still want to upgrade the server, I would strongly suggest to create a backup of whole server somewhere externally (not on the same server) and also check that it will be possible to restore it if necessary. Such changes on unsupported servers are always a risk.
 
OK, it's taken me a while to realize this... I'm running a Wordpress site (www.quatt.com) on the same server with a Letsencrypt certificate. The site has a secure connection. So it appears that if the configuration is correct, the SSL connection can be established with the versions of CentOS and OpenSSL I have installed. So there must be some setting that enables a secure connection vs. the settings that prevent a secure connection. Any ideas?
 
You must log in or register to reply here.

Similar threads

IAR
Question Update OpenSSL on CentOS 6.4 (due to ERR_SSL_PROTOCOL_ERROR message)
Replies
1
Views
1K
ChristophRo
ChristophRo
A
Resolved Site Can't Provide a Secure Connection...anyone else getting this as Im new to Plesk
Replies
2
Views
772
Peter Debik
P
G
Resolved I can't Access my Plesk server
Replies
5
Views
4K
372D
3
W
Issue Can no longer connect to nginx from localhost
Replies
1
Views
937
Peter Debik
P
marvin
Issue IMAP requires security certificate? Maybe?
2 3
Replies
40
Views
4K
Peter Debik
P
Back
Top