A warning is shown while accessing Plesk or webmail: The certificate is not trusted or NET::ERR_CERT_AUTHORITY_INVALID

Plesk for Windows Plesk for Linux kb: technical ext: le ABT: Group B

Applicable to:

Plesk for Linux
Plesk for Windows

Symptoms

The following error is shown while accessing Plesk or webmail:

On Google Chrome:

CONFIG_TEXT: Your connection is not private
NET::ERR_CERT_AUTHORITY_INVALID
On Firefox:

CONFIG_TEXT: This Connection is Untrusted
(Error code: sec_error_unknown_issuer)
Certificate Error: The security certificate presented by this website was issued for a different website's address. This problem might indicate an attempt to fool you or intercept any data you send to the server.
On Internet Explorer:

CONFIG_TEXT: There is a problem with this website’s security certificate.
On Opera

CONFIG_TEXT: Opera cannot verify the identity of the server "XXXX", due to a certificate problem. The server could be trying to trick you

Cause

By default, Plesk is using a self-signed certificate that does not have a signature from the trust center.
Or, the mismatched certificate was applied.

Resolution

Note: If Plesk/WebMail is secured via Let's Encrypt, use hostname/domain name to access it because IP address itself cannot be secured with a valid certificate.

In order to avoid the warning, it is required to have a valid SSL certificate. There are several options on how to achieve that:

Secure Plesk/domain/WebMail via Let's Encrypt:

For domain/webmail/alias, it is required to go to Websites and Domains > example.com > SSL/TLS Certificates > Install and proceed with the installation. Details are available in the following article:
How to install SSL certificate for a domain in Plesk
For securing Plesk/Mail Server, go to Tools & Settings > SSL/TLS certificates and proceed from there. See the details in the following articles:
How to secure Plesk login page URL with SSL certificate
How to secure mail server with Let's Encrypt certificate?

Use a purchased SSL certificate:

Purchase an SSL certificate signed for IP address/hostname/domain by a trusted center (Certificate Authority) or install Let's Encrypt extension and obtain a free certificate. See Administrator's Guide - Getting SSL Certificates for details.

Comments

2 comments

Emre Toraman March 12, 2018 01:09

What if I don't want to use a SSL for specific domain?

0

Comment actions Permalink
Alexandr Tumanov March 22, 2018 10:16

@Emre, if there is no SSL or if you don't want using it, just use http://hostname:8880 instead of https://hostname:8443

0

Comment actions Permalink

Please sign in to leave a comment.

Have more questions? Submit a request

Articles in this section

Applicable to:

Symptoms

Cause

Resolution

Related articles