Applicable to:
- Plesk for Linux
- Plesk for Windows
Symptoms
The following error is shown while accessing Plesk or webmail:
-
On Google Chrome:
CONFIG_TEXT: Your connection is not private
NET::ERR_CERT_AUTHORITY_INVALID -
On Firefox:
CONFIG_TEXT: This Connection is Untrusted
(Error code: sec_error_unknown_issuer)
Certificate Error: The security certificate presented by this website was issued for a different website's address. This problem might indicate an attempt to fool you or intercept any data you send to the server. -
On Internet Explorer:
CONFIG_TEXT: There is a problem with this website’s security certificate.
-
On Opera
CONFIG_TEXT: Opera cannot verify the identity of the server "XXXX", due to a certificate problem. The server could be trying to trick you
Cause
By default, Plesk is using a self-signed certificate that does not have a signature from the trust center.
Or, the mismatched certificate was applied.
Resolution
Note: If Plesk/WebMail is secured via Let's Encrypt, use hostname/domain name to access it because IP address itself cannot be secured with a valid certificate.
In order to avoid the warning, it is required to have a valid SSL certificate. There are several options on how to achieve that:
- For domain/webmail/alias, it is required to go to Websites and Domains > example.com > Let's Encrypt and proceed with the installation. Details are available in the following article:
How to install SSL certificate for a domain in Plesk - For securing Plesk/Mail Server, go to Tools & Settings > SSL/TLS certificates and proceed from there. See the details in the following articles:
How to secure Plesk login page URL with SSL certificate
How to secure mail server with Let's Encrypt certificate?
Purchase an SSL certificate signed for IP address/hostname/domain by a trusted center (Certificate Authority) or install Let's Encrypt extension and obtain a free certificate. See Administrator's Guide - Getting SSL Certificates for details.
Comments
2 comments
@Emre, if there is no SSL or if you don't want using it, just use http://hostname:8880 instead of https://hostname:8443
What if I don't want to use a SSL for specific domain?
Please sign in to leave a comment.