
Question Help a newbie with letsencrypt SSL for securing plesk

GuiltySpark

New Pleskian
Hi,

I'm using Plesk Onyx Version 17.0.17 Update #23.

It's a hosted environment running CentOS 7.

I was having trouble installing an SSL for plesk when I first configured the system (I had already set one up for the main site), the tech support guy at the hosting company said he would do it for me. So he installed a letsencrypt certificate for plesk.

It's been working fine, however it's 3 months on and it's now expired. There is a scheduled task in plesk that (supposedly) runs daily. I ran it manually and plesk says it ran successfully however the certificate is still invalid.

I tried to go back to the tech support guys but this is now "out of their scope for support" despite them installing it in the first place.

Can anyone help me? I've had a look at the letsencrypt site but of course this is inside of plesk so it's not exactly the same.

Thanks in advance
 
Hi GuiltySpark,

There was a recent change to the log location for the Plesk Let's Encrypt Extension:
2.0.3 (13 April 2017)
  • The extension now logs its communication with the Let's Encrypt servers in the "panel.log". This enables better troubleshooting when there are some issues with requesting a certificate.
Please consider INSPECTING the "panel.log" in order to investigate your issue and the root cause. If you need help here, you have to provide the corresponding log entries, so that people willing to help you have something to start their investigations with.
 
UFHH01, thanks for the info, I'm very new to plesk so I didn't even know that log existed, I can see a bunch of errors which I will work through. Because I am so new I'm kinda nervous about sharing the log and exposing my site..

But a real help would be an answer to a question. I have a VeriSign SSL configured for my site and that works fine. I have a second certificate for securing plesk (it's a Let's Encrypt cert.), is this normal? Why do I need two certificates for the one site?
 
Hi GuiltySpark,

I have a second certificate for securing plesk (it's a Let's Encrypt cert.), is this normal?
The Plesk Control Panel is reachable over two ports "8443" ( https ) and "8880" ( http ). The standard installation only delivers a so-called "self-signed" Plesk certificate for the usage at port "8443", which is insecure and should be replaced by one of these options:
  • A bought certificate
  • a free Let's Encrypt certificate
Plesk installation routines are not able to apply a valid certificate automatically - the admin has to interfere here. ;)
Plesk has its OWN webserver ( sw-cp-server ), while your domain(s) use apache ( and nginx, if you use the combination ) - each webserver needs its own configuration files.


In addition, you don't have to be "nervous" about server IPs and FQDNs - these are always public information and not sensitive data. If you still would like to be anonymous, just replace the IPs with "XXX.XXX.XXX.XXX" and the domain(s) with "YOUR-DOMAIN.COM" in attached logs, or corresponding information in your post(s).
 
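An added example, not part of the original thread: a small Python helper that applies the redaction advice from the last reply to "panel.log" lines before they are posted. The sample log lines, the "letsencrypt" keyword filter and the function names are assumptions made for illustration; the real log layout may differ.

```python
import re

IP_MASK = "XXX.XXX.XXX.XXX"      # placeholders suggested in the reply above
DOMAIN_MASK = "YOUR-DOMAIN.COM"

# Exactly four dotted groups; the lookarounds skip longer dotted numbers
# (e.g. "1.2.3.4.5") but still catch an address followed by ":port" or ".".
IPV4_RE = re.compile(
    r"(?<!\d)(?<!\d\.)(\d{1,3})\.(\d{1,3})\.(\d{1,3})\.(\d{1,3})(?!\d|\.\d)")


def _mask_ip(match):
    # Mask only plausible addresses (every octet 0-255).
    ok = all(int(octet) <= 255 for octet in match.groups())
    return IP_MASK if ok else match.group(0)


def _domain_re(domains):
    # Match each domain plus any subdomain prefix, but not a longer name
    # that merely contains it ("notexample.com", "example.com.au").
    names = "|".join(re.escape(d) for d in sorted(domains, key=len, reverse=True))
    return re.compile(
        r"(?<![A-Za-z0-9-])(?:[A-Za-z0-9-]+\.)*(?:" + names + r")(?!\.?[A-Za-z0-9-])",
        re.IGNORECASE)


def redact_lines(lines, domains, keyword=None):
    """Return redacted copies; keep only lines containing keyword if given."""
    domain_re = _domain_re(domains) if domains else None
    out = []
    for line in lines:
        if keyword and keyword.lower() not in line.lower():
            continue
        line = IPV4_RE.sub(_mask_ip, line)
        out.append(domain_re.sub(DOMAIN_MASK, line) if domain_re else line)
    return out


# Constructed sample lines (assumed layout, documentation-range addresses).
SAMPLE = [
    "[2017-07-20 10:00:01] ERR [extension/letsencrypt] Challenge failed for panel.example.com from 203.0.113.10:8443.",
    "[2017-07-20 10:00:02] INFO [panel] Plesk 17.0.17 task finished for admin@example.com",
    "[2017-07-20 10:00:03] ERR [extension/letsencrypt] Domain example.com.au is not hosted here (198.51.100.7).",
]

if __name__ == "__main__":
    for row in redact_lines(SAMPLE, ["example.com"], keyword="letsencrypt"):
        print(row)
```

Version strings such as "17.0.17" are left alone, and a different registrable name such as "example.com.au" is only masked if it is passed in the domain list.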