Applicable to:
- Plesk Onyx for Linux
- Plesk Onyx for Windows
Symptoms
The the following message is thrown while accessing Plesk or webmail:
-
In Chrome:
CONFIG_TEXT: Your connection is not private
NET::ERR_CERT_AUTHORITY_INVALID -
In Firefox:
CONFIG_TEXT: This Connection is Untrusted
(Error code: sec_error_unknown_issuer)
Certificate Error: The security certificate presented by this website was issued for a different website's address. This problem might indicate an attempt to fool you or intercept any data you send to the server. -
In Internet Explorer:
CONFIG_TEXT: There is a problem with this website’s security certificate.
-
In Opera
CONFIG_TEXT: Opera cannot verify the identity of the server "XXXX", due to acertificate problem. The server could be trying to trick you
Cause
By default, Plesk is using self-signed certificate that does not have a signature from trust center.
Resolution
Note: If Plesk/WebMail is secured via Let's Encrypt, use hostname/domain name to access it because IP address itself cannot be secured with valid certificate.
In order to avoid the warning, it is required to have valid SSL certificate. There are several options on how to achieve that.
- For domain/webmail/alias, it is required to go to Websites and Domains > example.com > Let's Encrypt and proceed with installation. Details are available in the following article:
How to install SSL certificate for a domain in Plesk - For securing Plesk/Mail Server, go to Tools & Settings > SSL/TLS certificates and proceed from there. See the details in the following articles:
How to secure Plesk login page URL with SSL certificate
How to secure mail server with Let's Encrypt certificate?
Purchase an SSL certificate signed for IP address/hostname/domain by a trusted center (Certificate Authority) or install Let's Encrypt extension and obtain a free certificate. See Administrator's Guide - Getting SSL Certificates for details.
Comments
2 comments
What if I don't want to use a SSL for specific domain?
@Emre, if there is no SSL or if you don't want using it, just use http://hostname:8880 instead of https://hostname:8443
Please sign in to leave a comment.