Knowledge Base

Old certificate is still shown for the Plesk website in a browser

 
apachesslweb serveruiubuntu

Symptoms

  • A new certificate for the domain was installed via Plesk

  • The new certificate is chosen in the Plesk > Domains > example.com > Hosting Settings > Certificate field

  • An old certificate is still shown for the website in a browser

  • Plesk self-signed certificate is displayed instead of the one signed by a public CA: 
    example.com uses an invalid security certificate.
     The certificate is not trusted because it is self-signed.
     The certificate is only valid for Parallels Panel The certificate expired on
     Error code: SEC_ERROR_UNKNOWN_ISSUER

The certificate file is valid, it is not default or self-signed:

# openssl x509 -noout -in /usr/local/psa/var/certificates/cert-XXXXXX -issuer
issuer= /C=GB/ST=Greater Manchester/L=Salford/O=COMODO CA Limited/CN=COMODO RSA Domain Validation Secure Server CA

Note: This behavior happens with any kind of certificate installed within Plesk. For example, Custom / Purchased certificate or Let’s Encrypt SSL certificate.

Cause

After applying the certificate the webserver is not restarted automatically.

Resolution

To fix it the following can be done:

Click on a section to expand

Through Plesk UI

  1. Log into Plesk

  2. Go to Plesk > Domains > example.com > Hosting settings

  3. Disable the SSL/TLS Support option and click the Apply button

  4. Enable the SSL/TLS Support option back and the OK button

Through the command line

  1. Connect to the server via SSH

  2. Run the following command to reinstall certificates for the domain:

    # plesk repair web -sslcerts example.com

Note: If the above steps did not resolve the issue, restart the web servers:

Through Plesk UI

  1. Log in to Plesk

  2. Go Tools & Settings > Services Management

  3. Restart Web Server (Apache) and Reverse Proxy Server (nginx) services:

    1.png

Through the command line

  1. Connect to the server via SSH

  2. Run the following commands:

    # systemctl restart nginx

    For CentOS/RHEL-based distributions:

    # systemctl restart httpd

    For Debian/Ubuntu-based distributions:

    # systemctl restart apache2

Additional information

Website uses old certificate despite the fact that it was changes to a new one in domain’s hosting settings

Read the full article
Related Posts
Knowledge Base

Industry
Partners

industry-partner_ALIBABA
industry-partner_GOOGLEPARTNER
industry-partner_MICROSOFT
industry-partner_REDHAT-r2
industry-partner_ALIBABA
industry-partner_AUTOMATTIC
industry-partner_AWS
industry-partner_DIGITALOCEAN
industry-partner_SCALEWAY

Follow us:

Facebook Twitter Linkedin Youtube Github

© 2021 Plesk International GmbH. All rights reserved. Plesk and the Plesk logo are trademarks of Plesk International GmbH.

Managed with 💙  with Plesk WordPress Toolkit

Search
Generic filters
Exact matches only
Search in title
Search in content
Search in excerpt