• Our team is looking to connect with folks who use email services provided by Plesk, or a premium service. If you'd like to be part of the discovery process and share your experiences, we invite you to complete this short screening survey. If your responses match the persona we are looking for, you'll receive a link to schedule a call at your convenience. We look forward to hearing from you!
  • The BIND DNS server has already been deprecated and removed from Plesk for Windows.
    If a Plesk for Windows server is still using BIND, the upgrade to Plesk Obsidian 18.0.70 will be unavailable until the administrator switches the DNS server to Microsoft DNS. We strongly recommend transitioning to Microsoft DNS within the next 6 weeks, before the Plesk 18.0.70 release.
  • The Horde component is removed from Plesk Installer. We recommend switching to another webmail software supported in Plesk.

Resolved LetsEncrypt Plesk Hostname

M

MikeA

New Pleskian
Ever since I've used Plesk (12+) I've never been able to use the SecurityAdvisor LetsEncrypt extension to create a certificate for my server hostname that Plesk runs on. I've ignored this issue and just used the self-signed certificate since I rarely use the admin end, but I'd like to finally find a fix for my problem.

I just updated to the latest release, Onyx, hoping it would fix the issue since but nothing has changed.

Note: I'm not talking about website SSL, I'm referring to the actual server hostname to connect to Plesk admin interface.

br9bTmA.png


IQylcnh.png


Generating certificates for websites on the server works fine with the official LetsEncrypt extension, but using the SecurityAdvisor to generate hostname certificate always gives the error above. Does anyone else have this problem?
 
Hi MikeA,

your provided error - message indicates, that you don't have a subdomain created for your hostname ( as for example: server1.YOUR-DOMAIN.COM ). Due to the fact, that Let's Encrypt needs the documentroot "/var/www/vhosts/YOUR-DOMAIN.COM/server1.YOUR-DOMAIN.COM" to verify the challenge, you will certainly experience possible issues, if it isn't existent. Therefore I thought it might be a good idea to show you some additional alternatives with the mentioned link.

Another alternative than to create a subdomain "server1" at "YOUR-DOMAIN.COM", is to use DNS - entries fo verify the Let's Encrypt challenge. Pls. see as well one of myprevious posts here in the forum: =>
UFHH01 said:
...
To start, I assume, that you already installed a Let's Encrypt - certificate over the Plesk Control Panel, which includes at least the domain - name ( either with or without "www." ).
You should now visit

=> Free SSL Certificate Wizard and other SSL Tools @ ZeroSSL ( external link - pls. inform me, when the link goes dead, so that I might provide another working link here! )

... and insert the very same eMail - address that you already used, when you created your basic Let's Encrypt certificate. Insert your initial domain-name and the desired additional (sub.)domain - names at the provided text-box, accept the TOS and the Let's Encrypt SA and choose the option "DNS", followed by a click onto the NEXT - button. The next steps are fully explained in several languages ( EN | DE | FR | ES | RU ) and contain amongst other things the manual entries of TXT - DNS - entries at your primary nameserver(s) for the added (sub.)domains and after you waited a few minutes for DNS - synchronisation, the authorization will be done and the new certificate for all your desired (sub.)domain - names will be presented to you ( which you are even able to download, if you wish to ).
You are then able to either replace the existent certificate over your Plesk Control Panel, or you choose to manually add it at all necessary places, just like you added other ( self-signed, or brought ) certificates in the past. ;)

Hint: I choosed the option, to replace the existent certificate files at "/opt/psa/var/certificates/" and "/opt/psa/var/modules/letsencrypt/etc/live/YOUR-DOMAIN..COM" ( pls. notice, that these are symlinks here! ), in the hope that the automatic renewal - process will renew not only the previous, first certificate, but the new certificate, with all the additional (sub.)domain - names. I'm pretty sure, that my hope will not be sufficient enough :rolleyes: to reach that renewal - goal, but maybe the Plesk / Plesk-Let's Encrypt-Extension - developers find as well a working solution to add the choice for DNS - authorization, or find a way to add additional (sub.)domain - names over the Plesk Control Panel. ;)
Click to expand...
( Pls. visit: => #25 for the whole forum - post and possible other following issues/errors/problems and the depending suggestions. :) )

Additional note:
Pls. keep as well in mind, that the provided script "letsencrypt-hostname.sh" in the above mentioned forum - link is fully customizable, so you can as well modify the "webroot-path" to your very own, unique ( existent ) path, if you wish to. ;)
 
Last edited by a moderator:
@UFHH01 Thanks, after creating a sub-domain for the hostname then going back and using the SecurityAdvisor LetsEncrypt tool it did create a certificate for the admin interface port.
 
You must log in or register to reply here.

Similar threads

C
Resolved Plesk Login for Customers over Subdomain with Certificate.
Replies
2
Views
1K
cpulove
C
C
Resolved Plesk Extensions does not appear
Replies
2
Views
455
conor
C
C
Question Plesk with Cloudflare Proxy DNS Records and Letsencrypt..
Replies
0
Views
1K
cpulove
C
QWeb Ric
Issue Server pool SSL not showing for selection
Replies
0
Views
399
QWeb Ric
QWeb Ric
R
Issue Let's Encrypt Error 400 on every domain
Replies
1
Views
790
Sebahat.hadzhi
Sebahat.hadzhi
Back
Top