Applicable to:
- Plesk Onyx for Linux
- Plesk Onyx for Windows
Symptoms
The the following message is thrown while accessing Plesk or webmail:
-
In Chrome:
CONFIG_TEXT: Your connection is not private
NET::ERR_CERT_AUTHORITY_INVALID -
In Firefox:
CONFIG_TEXT: This Connection is Untrusted
(Error code: sec_error_unknown_issuer)
Certificate Error: The security certificate presented by this website was issued for a different website's address. This problem might indicate an attempt to fool you or intercept any data you send to the server. -
In Internet Explorer:
CONFIG_TEXT: There is a problem with this website’s security certificate.
-
In Opera
CONFIG_TEXT: Opera cannot verify the identity of the server "XXXX", due to acertificate problem. The server could be trying to trick you
Cause
By default, Plesk is using self-signed certificate that does not have a signature from trust center.
Resolution
Note: If Plesk/WebMail is secured via Let's Encrypt, use hostname/domain name to access it because IP address is not into SAN.
Option I.
Secure Plesk/domain/WebMail via Let's Encrypt.
- For domain/webmail/alias, it is required to go to Websites and Domains > example.com > Let's Encrypt and proceed with installation. Details are available in the following article:
How to install SSL certificate for a domain in Plesk - For securing Plesk/Mail Server, go to Tools & Settings > SSL/TLS certificates and proceed from there. See the details in the following article:
How to secure Plesk IP address with Let's Encrypt certificate?
Option II.
Purchase an SSL certificate signed for IP address/hostname/domain by a trusted center (Certificate Authority) or install Let's Encrypt extension and obtain a free certificate. See Administrator's Guide - Getting SSL Certificates for details.
Option III.
Add the IP address/hostname/domain to the exception list of web browser.
For Google Chrome:
- Click the Chrome Menu icon on the far right of the Address bar.
- Click on Settings, scroll to the bottom and click the Show Advanced Settings link.
- Click on Change proxy settings (under Network)
- Click the Security tab > Trusted Sites icon, then click Sites.
- Enter the URL of your Trusted Site, then click Add.
- Click Close > OK.
For Internet Explorer:
- Open Internet Explorer by clicking the Start button .
- In the search box, type Internet Explorer, and then, in the list of results, click Internet Explorer.
- Click the Tools button, and then click Internet options.
- Click the Security tab.
- Now click on Trusted sites and then click on the sites button.
- Enter the Website URL and click on Add.
- Add the site URL, click on Close.
For Opera, the instructions are available here.
Comments
2 comments
What if I don't want to use a SSL for specific domain?
@Emre, if there is no SSL or if you don't want using it, just use http://hostname:8880 instead of https://hostname:8443
Please sign in to leave a comment.