• The BIND DNS server has already been deprecated and removed from Plesk for Windows.
    If a Plesk for Windows server is still using BIND, the upgrade to Plesk Obsidian 18.0.70 will be unavailable until the administrator switches the DNS server to Microsoft DNS. We strongly recommend transitioning to Microsoft DNS within the next 6 weeks, before the Plesk 18.0.70 release.
  • The Horde component is removed from Plesk Installer. We recommend switching to another webmail software supported in Plesk.

Website certificate reverting to default

C

CharlieW

Guest
I have a new 9.2.2 server running only a few web sites right now. One of these sites is running on a dedicated IP with its own certificate. Randomly, it seems, the cert for this site will revert to the "default certificate" built into plesk. There seems to be no rhyme or reason as to why this is happening or when. Has any one else ran into this? If so, could you shed some light on whats going on?
 
We've got the same problem happening here, and I don't suspect support will be very helpful, but rather pass on the issue as being a "one off" or due to something with our setup. So far it's happened twice, and as you can imagine, our customers aren't particularly happy.

Any ideas?
 
For now, I've come up with the following script to determine sites with invalid SSL certificates. I've got it running as an hourly cron:

Code: 
#!/bin/sh
mysql -uadmin -p`cat /etc/psa/.psa.shadow` psa -e "SELECT d.name AS \`Domain\`, c.name AS \`Dedicated SSL Certificate\`, ic.name AS \`Actual Active SSL Certificate\` FROM hosting h JOIN ip_pool p ON (p.ip_address_id = h.ip_address_id AND p.id > 1) JOIN domains d ON (d.id=h.dom_id) JOIN Repository r ON (r.rep_id=d.cert_rep_id) JOIN certificates c ON (c.id=r.component_id) JOIN IP_Addresses i ON (i.id=h.ip_address_id) JOIN certificates ic ON (ic.id=i.ssl_certificate_id) WHERE p.type='exclusive' AND c.cert != '' AND i.ssl_certificate_id != component_id;"

Basically this will output any domains that have an SSL certificate in their repository, where that repository is marked as being active for the domain, but the SSL certificate for their IP address (exclusive IP) does not match the one that's in the repository. You'll get the domain, the SSL certificate that should be active, and the SSL certificate that is actually active.
 
You must log in or register to reply here.

Similar threads

N
Issue Problem after create a new subdomain
Replies
1
Views
750
NITROFOX
N
B
Issue Change certificate for lists vhost for mailman3
Replies
0
Views
589
blindzero
B
B
Issue High latency, unreliable performance & 522 errors on a Plesk server that ran fine for 6+ months
Replies
8
Views
2K
HHawk
HHawk
B
Issue Default Page Certificate issue (no new cert)
Replies
1
Views
2K
Peter Debik
P
J
Issue Nothing but issues. Email DNS random system reboots
Replies
9
Views
1K
jammer699669
J
Back
Top