Facebook
TwitterInstalled new 12.5 Admin Plesk on Ubuntu 14.
Migrated data from old Plesk, everything works.
Webmail is activated, set to Horde.
Did https://kb.odin.com/en/123648
But when I open webmail.domain.tld I get a different certificate than the one I uploaded.
So I tried adding debug logging:
Nothing wrong. Lists the correct cert.
Then I tried putting an invalid character in the pem file it's supposed to be using - and it even throws an error as if it would try to use it
But when comparing the certificate in that file and the one returned by the web server - it does not match.
I tried to lookup which certificate it is serving instead - but it seems to be the Plesk default one that's found in multiple pem files around the server. Looking for *.conf files referring to those pem files yielded nothing enlightening:
used by
and all of the subdomain configs:
Anybody an idea?
Migrated data from old Plesk, everything works.
Webmail is activated, set to Horde.
Did https://kb.odin.com/en/123648
But when I open webmail.domain.tld I get a different certificate than the one I uploaded.
So I tried adding debug logging:
Code:
[ssl:debug] [pid 19005:tid 139669045843840] ssl_util_ssl.c(407):
AH02412: [webmail.domain.tld:443] Cert matches for name 'webmail.domain.tld' [subject: CN=webmail.domain.tld / issuer: CN=Let's Encrypt Authority X1,O=Let's Encrypt,C=US / serial: xx/ notbefore: Jan 25 14:59:00 2016 GMT / notafter: Apr 24 14:59:00 2016 GMT]
[ssl:debug] [pid 19005:tid 139669045843840] ssl_engine_init.c(893): AH02236: Configuring RSA server private key
[ssl:info] [pid 19006:tid 139669045843840] AH02200: Loading certificate & private key of SSL-aware server 'webmail.domain.tld:443'
[ssl:debug] [pid 19006:tid 139669045843840] ssl_engine_pphrase.c(506): AH02249: unencrypted RSA private key - pass phrase not required
[ssl:info] [pid 19006:tid 139669045843840] AH01914: Configuring server webmail.domain.tld:443 for SSL protocol
[ssl:debug] [pid 19006:tid 139669045843840] ssl_engine_init.c(328): AH01893: Configuring TLS extension handling
[ssl:debug] [pid 19006:tid 139669045843840] ssl_engine_init.c(838): AH02232: Configuring RSA server certificate
[ssl:debug] [pid 19006:tid 139669045843840] ssl_util_ssl.c(407): AH02412: [webmail.domain.tld:443] Cert matches for name 'webmail.domain.tld' [subject: CN=webmail.domain.tld / issuer: CN=Let's Encrypt Authority X1,O=Let's Encrypt,C=US / serial: xx/ notbefore: Jan 25 14:59:00 2016 GMT / notafter: Apr 24 14:59:00 2016 GMT]Then I tried putting an invalid character in the pem file it's supposed to be using - and it even throws an error as if it would try to use it
Code:
[ssl:emerg] [pid 20451:tid 139795525461888] AH02241: Init: Unable to read server certificate from file /opt/psa/var/modules/letsencrypt/etc/live/webmail.domain.tld/cert.pemI tried to lookup which certificate it is serving instead - but it seems to be the Plesk default one that's found in multiple pem files around the server. Looking for *.conf files referring to those pem files yielded nothing enlightening:
Code:
/opt/psa/admin/conf/httpsd.pem
/opt/psa/etc/httpsd.pem
/usr/share/pop3d.pem
/usr/share/imapd.pem
/etc/postfix/postfix_default.pem
/etc/dovecot/private/ssl-cert-and-key.pem
/etc/apache2/httpd.pem
/opt/psa/var/certificates/certLnjjcD7
Code:
/etc/proftpd.conf
/etc/sw-cp-server/conf.d/plesk.conf- /etc/apache2/plesk.conf.d/vhosts/*.conf
- /var/www/vhosts/system/*/conf/httpd.conf
Anybody an idea?
Last edited:
