How to secure a Plesk hostname on port 8443 with an SSL certificate (Let's Encrypt / other certificate authorities)

Follow

Comments

37 comments

  • Avatar
    Marco Marsala (Edited )

    It should automatically remove the "Default Certificate" and/or set the Let's Encrypt certificate as default.

    The Let's Encrypt certificate should be automatically applied to mail too (and in such casem if hostname is changed, the certificate should be automtically reissued or at least a warning should be generated)

    0
    Comment actions Permalink
  • Avatar
    Norbert Harms (Edited )

    I tried to install a Plesk extension called "Plesk Security Advisor" suggested in one of Vultr's many articles but it seems Plesk doesn't have this extension included in their extension library. It is only available for "Download" on the Plesk website.

    Hence, how do I now install the downloaded Plesk Security Advisor on Plesk online?

    Thank you.

    0
    Comment actions Permalink
  • Avatar
    Scott Saccenti

    Trying to follow procedure described above.

    I have a VPS with GoDaddy and the server hostname is in format: s12-345-678-90.secureserver.net
    When I click on the " + Let's Encrypt " button (step 4), it fills that hostname in for me as the "Domain Name", and asks for an email address as well (step 5). So I accept this default (but put in a proper email address) and click INSTALL (step 6).

    This is the error message:
    Could not issue a Let's Encrypt SSL/TLS certificate for s12-345-678-90.secureserver.net. Authorization for the domain failed.
    Detail: dns :: DNS problem: NXDOMAIN looking up A for s12-345-678-90.secureserver.net

    (I've substituted for the actual IP above of course, but that is the format)

    0
    Comment actions Permalink
  • Avatar
    Ivan Postnikov

    Hello @Pascu,

    Thank you for noticing.

    This article is currently under review. For now, this link will be hidden.

    0
    Comment actions Permalink
  • Avatar
    Alisa Kasyanova

    @Scott Saccenti
    You need to make sure that s12-345-678-90.secureserver.net properly resolves to 12.345.678.90 (to your IP address). For example, use https://mxtoolbox.com/ to make sure that the hostname is resolving.
    If it is not, I recommend checking the GoDaddy documentation in order to find out how to make the hostname resolving.

    0
    Comment actions Permalink
  • Avatar
    Chris Collins

    Thanks, I've had a good read through those articles, but the symptoms are not the same. 

    I have checked the status of nginx, and its running fine with no dead processes. Restarted it anyway just to check, and still a problem. 

    If i go to the normal URL, the website works fine and uses the new cert. But as soon as i access it with 8443, it is using the old cert. 

    I've tried to reassign a different url to secure plesk, I've also renewed the certificate again using the methods in the article, but still nothing.

    0
    Comment actions Permalink
  • Avatar
    Harry

    Hi Artyom,

    i can confirm it works.

    looks like it is now also updated in this article.

     

    thx!

    0
    Comment actions Permalink

Please sign in to leave a comment.

Have more questions? Submit a request