Knowledge Base

Old certificate is still shown for the Plesk website in a browser

 
apachecentosdomainshostinghosting settings

Symptoms

  • A new certificate for the domain was installed via Plesk

  • The new certificate is chosen in the Plesk > Domains > example.com > Hosting Settings > Certificate field

  • An old certificate is still shown for the website in a browser

  • Plesk self-signed certificate is displayed instead of the one signed by a public CA: 
    example.com uses an invalid security certificate.
     The certificate is not trusted because it is self-signed.
     The certificate is only valid for Parallels Panel The certificate expired on
     Error code: SEC_ERROR_UNKNOWN_ISSUER

The certificate file is valid, it is not default or self-signed:

# openssl x509 -noout -in /usr/local/psa/var/certificates/cert-XXXXXX -issuer
issuer= /C=GB/ST=Greater Manchester/L=Salford/O=COMODO CA Limited/CN=COMODO RSA Domain Validation Secure Server CA

Note: This behavior happens with any kind of certificate installed within Plesk. For example, Custom / Purchased certificate or Let’s Encrypt SSL certificate.

Cause

After applying the certificate the webserver is not restarted automatically.

Resolution

To fix it the following can be done:

Click on a section to expand

Through Plesk UI

  1. Log into Plesk

  2. Go to Plesk > Domains > example.com > Hosting settings

  3. Disable the SSL/TLS Support option and click the Apply button

  4. Enable the SSL/TLS Support option back and the OK button

Through the command line

  1. Connect to the server via SSH

  2. Run the following command to reinstall certificates for the domain:

    # plesk repair web -sslcerts example.com

Note: If the above steps did not resolve the issue, restart the web servers:

Through Plesk UI

  1. Log in to Plesk

  2. Go Tools & Settings > Services Management

  3. Restart Web Server (Apache) and Reverse Proxy Server (nginx) services:

Through the command line

  1. Connect to the server via SSH

  2. Run the following commands:

    # systemctl restart nginx

    For CentOS/RHEL-based distributions:

    # systemctl restart httpd

    For Debian/Ubuntu-based distributions:

    # systemctl restart apache2

Additional information

Website uses old certificate despite the fact that it was changes to a new one in domain’s hosting settings

Read the full article
Related Posts
Knowledge Base

Hosting Wiki

Industry
Partners

industry-partner_ALIBABA
industry-partner_GOOGLEPARTNER
industry-partner_MICROSOFT
industry-partner_REDHAT-r2
industry-partner_ALIBABA
industry-partner_AUTOMATTIC
industry-partner_AWS
industry-partner_DIGITALOCEAN
industry-partner_SCALEWAY

Follow us:

Facebook Twitter Linkedin Youtube Github

© 2023 Plesk International GmbH. All rights reserved. Plesk and the Plesk logo are trademarks of Plesk International GmbH.

Managed with love with Plesk WP Toolkit

Plesk uses LiveChat system (3rd party).

By proceeding below, I hereby agree to use LiveChat as an external third party technology. This may involve a transfer of my personal data (e.g. IP Address) to third parties in- or outside of Europe. For more information, please see our Privacy Policy.

Search
Generic filters
Exact matches only
Search in title
Search in content
Search in excerpt