• Our team is looking to connect with folks who use email services provided by Plesk, or a premium service. If you'd like to be part of the discovery process and share your experiences, we invite you to complete this short screening survey. If your responses match the persona we are looking for, you'll receive a link to schedule a call at your convenience. We look forward to hearing from you!
  • The BIND DNS server has already been deprecated and removed from Plesk for Windows.
    If a Plesk for Windows server is still using BIND, the upgrade to Plesk Obsidian 18.0.70 will be unavailable until the administrator switches the DNS server to Microsoft DNS. We strongly recommend transitioning to Microsoft DNS within the next 6 weeks, before the Plesk 18.0.70 release.
  • The Horde component is removed from Plesk Installer. We recommend switching to another webmail software supported in Plesk.

Issue Domain forwarding leads to bad-ssl-cert-domain error

I

itval

New Pleskian
Hi,
following scenario:

domain1.de on server1
domain1.eu on server1
domain2 on server2

domain1.de and domain1.eu are now separate domains on server1 with Plesk Obsidian 18.0.25. At the beginning domain1.eu was an alias domain from domain1.de. This has been changed by deleting domain1.eu in Plesk.
Domain1.eu was newly created with Lets encrypt = ON and put on forwarding (301) to domain2. The statis is active.

When typing in Firefox 68.6 ESR or IE 11

domain1.eu
www.domain1.eu

forwarding to domain2 works fine.

When typing (or using stored links with) or browser adds https://



I (and all our customers) get a SSL_ERROR_BAD_CERT_DOMAIN and could make an excemption. When looking at the certificate I see that it is for domain1.de instead of domain1.eu.

Why does Plesk use the wrong domain1.de with Lets encrypt when setting up a new domain? Has the alias setting before something to do with it?

thx,
Lino
 
Last edited:
2nd question:

I deleted domain1.de on plesk and created it new, this time with LetsEncrypt = ON. When typing

https://domain1.de

I reach the Plesk login page from server1.

when typing

https://www.domain1.de

I get the SSL_ERROR_BAD_CERT_DOMAIN again even the domain name in the certificate is the same domain1.de
 
In your "Hosting Settings" make sure you are not using a "preferred domain", e.g. set this to "none".

If you have a domain that is forwarded to another domain on the same server, I recommend to not to forward it by a 301 redirect, but to make it an alias to the target. Because with an alias, you can add the domain to the target's SSL certificate. This will avoid the SSL_ERROR_BAD_CERT_DOMAIN. A redirect can only have a certificate by doing some magic, so normally a redirect that is opened with an https link will lead to a cert error. When you use the alias solution this won't happen.

A domain that is removed an re-created will need the server restart interval to route to the correct destination. It is therefor possible that it is routing to the login page for a short period of time during which the reconfiguration has not yet finished.
 
You must log in or register to reply here.

Similar threads

W
Issue Mail forwarded on the server in the target mailbox is delivered to the SPAM folder
Replies
0
Views
501
W4ru
W
J
Resolved WordPress Network setup on Alias -- how to add alternative domains with Lets Encrypt SSL Certs?
Replies
3
Views
2K
joell
J
B
Resolved Shared hosting with multiple domains SSL/TLS issues
2
Replies
20
Views
5K
bork
B
G J Piper
Resolved SSL It! Let's Encrypt Not Issuing Certificate on MX-only Domain
Replies
8
Views
628
G J Piper
G J Piper
M
Issue Wordpress MU alias domains with Let's Encrypt - hit the error: Order cannot contain more than 100 DNS names
Replies
1
Views
660
Kaspar
K
Back
Top