Wrong certificate is shown for my domain in the browser

Created:

2016-11-16 13:09:21 UTC

Modified:

2017-08-16 16:46:49 UTC

0

Was this article helpful?


Have more questions?

Submit a request

Wrong certificate is shown for my domain in the browser

Applicable to:

  • Plesk 10.x for Linux
  • Plesk 11.x for Windows
  • Plesk 11.x for Linux
  • Plesk 12.0 for Windows
  • Plesk 12.0 for Linux

Symptoms

The wrong certificate is displayed when I open any domain via HTTPS. I added the correct certificate under server settings, assigned this certificate to an IP, set the default domain for the IP, and restarted Apache. But if I open https://domain.tld, I still get a localhost.localdomain (or another) default certificate.

Cause

The problem appears only if the name of the affected domain matches the server hostname. In that case, default SSL virtual host, defined in file ' /etc/httpd/conf.d/ssl.conf ' sets up SSL certificates for all virtualhosts with the same name and, due to how mod_ssl interprets the configuration, future definitions of virtualhosts with the same name do not override mod_ssl settings, leaving SSL certificate definition unchanged in ' /etc/httpd/conf.d/ssl.conf '.

Workaround

Look in all files matching ' /etc/httpd/conf.d/*.conf ' (or /etc/apache2/conf.d/*.conf for Debian/Ubuntu systems) for the lines declaring SSL virtual hosts. This command can help you do it (change the path if you are using Debian/Ubuntu):

# grep -iR '^[[:space:]]*<VirtualHost' /etc/httpd/conf.d/* | grep "_default_"

Example:

    #  grep -iR '^[[:space:]]*<VirtualHost' /etc/httpd/conf.d/* | grep "_default_"
/etc/httpd/conf.d/ssl.conf:<VirtualHost _default_:443>

If the above command returns some output, you have to edit the listed files (in our example, it is /etc/httpd/conf.d/ssl.conf) and comment out all the lines starting from:

<VirtualHost _default_:443>

up to this line

</VirtualHost>

Then stop and start (not restart!) the Apache server.

Have more questions? Submit a request
Please sign in to leave a comment.