Accessing Plesk shows invalid security certificate.

Accessing Plesk shows invalid security certificate

Accessing Plesk Control Panel with https displays the following;

mydomain:8443 uses an invalid security certificate.

The certificate is not trusted because it is self signed.
The certificate is only valid for plesk.

(Error code: sec_error_ca_cert_invalid)

You don’t need to buy another certificate because Plesk automatically generates one for you, and it works just like any other SSL certificate. However, since browsers do not recognize Plesk as a trusted authority, they display a warning whenever someone visits your control panel. The warning says that an untrusted issuer (Plesk) created the certificate or that the certificate name does not match the domain name. The only way to fix this issue is to buy an SSL certificate.

Trivia:

1. Plesk creates an SSL certificate for yourdomain.com. When someone logs in at https://yourdomain.com:8443, the browser shows a warning that says Plesk is untrusted. If the user accepts the warning, the session remains secure.

2. Plesk creates an SSL certificate for yourbuzinessdomain.com. When someone logs in at https://yourcustomerdomain.com:8443, the browser shows a warning that Plesk is untrusted and that the certificate name does not match the domain name they entered. If the user accepts these warnings, the session still runs securely.

3. You bought an SSL certificate for yourbusinesdomain.com. Now, when someone logs into https://yourbusinesdomain.com:8443 they will not receive any warning. The session will be secured.

4. You buy an SSL certificate for yourbusinesdomain.com. When someone logs in at https://yourcustomerdomain.com:8443, the browser shows a warning that the certificate name does not match the domain name they entered. If the user accepts the warning, the session still remains secure.

Ideally, you want scenario 3 to happen. All the options above provide the same level of security, but scenario 3 looks the best. However, Plesk cannot force people to log in through yourbusinesdomain.com.

However, Plesk does offer a workaround. I set up a domain called cp.mydomain.com that redirects to https://mydomain.com:8443 and runs on a separate IP. With the help of a firewall, you can block all incoming traffic on port 8443 for the IPs that host other sites. This setup forces customers to use the cp.mydomain.com link. As a result, they reach the login screen with the correct SSL certificate and avoid any security errors.

– Tech Savvy.

To get more updates you can follow us on Facebook, Twitter, LinkedIn

Subscribe to get free blog content to your Inbox
Loading

Written by actsupp-r0cks