Plesk 11.x / Linux :: Secure Connection To System When Posting Data - Install PEM Certificate
Nov 20, 2014
I've written a script to send property data to rightmove.co.uk as part of their new automated data feed. However they require a secure connection to their systems when posting the data. They have provided me with a .pem file which is a security certificate. I need to install this on my plesk server but where to start as most certificates require a private key and the actual certificate. The private key I have been provided is only an 8 charter string, like a password.
I'm using plesk with CentOS 6.6 and the postfix/courier mail services...I tried to connect an existing mail account with a mail program like thunderbird. But I'm not able to connect to it, except when I'm using "no connection security"...So I tried, if manually contacting the POP3s Port is working:
Code: openssl s_client -ssl3 -host mail.domain.de -port 995 with the following result:
Code: CONNECTED(00000003) write:errno=104 --- no peer certificate available --- No client certificate CA names sent
[code]....
the same results come for trying to connect to port 465 (ssmtp) and 993 (imaps)port 443 (https) seems to work fine..i already checked if the corresponding certificates exist (e.g. /usr/share/imapd.pem) and filled with the standard certificate informtaion given by plesk checking openssl on the server gives the following result:
Code: # openssl version OpenSSL 1.0.1e-fips 11 Feb 2013
I have a new Plesk 12 installation. I have configured a domain (example.com) with hosting that also requires wildcard subdomains.
To achieve this I had to create a vhost.conf file with...
ServerAlias *.example.com
This works and I can go to http://anything.example.com with no issue.
I purchased a wildcard SSL certificate for *.example.com and successfully installed it.
If I go to https://example.com it works perfectly and shows the correct certificate, however if I go to https://anything.example.com it tells me the connection is untrusted, when I view the certificate, it shows the Parallels Plesk self certified certificate and not my purchased certificate.
I created a vhost_ssl.conf with
ServerAlias *.example.com ServerAlias *.example.com:443 #tried with and without this line
If I add an exception in the browser, then I am taken to the correct place, albeit with the incorrect certificate.
Of course I have executed httpdmng --reconfigure-domain example.com and also tried a full reboot.
In summary:
http://example.com - works
http://anything.example.com - works
https://example.com works with my certificate
https://anything.example.com has Parallels certificate but routes to correct page
I have used the patch : [URL] .... to disable ssl v3.
After I applied the patch getting error below when i try to send email via horde webmail:
There was an error sending your message: Could not open secure TLS connection to the server.
Roundcube can send mails well but horde not. Otherwise since applied the parch i can't get mails from gmail and maybe other providers i don't know yet.
I am developing new module and installed SSL certificate using following API call.
Request call: <packet> <certificate> <install>
[Code]....
But when i checked this domain by open in browser. the certificate is not installed. After lots of R&D i found that there are option of select SSL in hosting setting screen. The default selected SSL is "default certificate".
I have changed this option to "not selected".
After this changes i have installed certificate again and it is working fine. So is it bug in plesk or it is default behavior Plesk Panel?
I want to secure the webmail access (webmail.mydomain.com) with an SSL certificate. In this case, a self signed certificate should be enough because the users using the webmail will trust it.
Latest Plesk 12 and Windows Server 2012 R2, MailEnable WebMail as shipped with Plesk. Horde Webmail.
How would I set this up? I found no setting to enable SSL for the webmail subdomain. And I can not add it as subdomain and assign the self-signed certificate on it (Plesk panel does not allow webmail.mydomain.com as subdomain as it is already in use).
I found these links but they did not really answer my question as the information is mostly outdated (Windows 200):
[Mon Mar 23 20:53:14 2015] [warn] [client xxx.xxx.xxx.xxx] (104)Connection reset by peer: mod_fcgid: error reading data from FastCGI server [Mon Mar 23 20:53:14 2015] [error] [client xxx.xxx.xxx.xxx] Premature end of script headers: index.php
SSL (Secure Socket Layer) is all about encryption. SSL encrypts data, like credit cards numbers as well other personally identifiable information, which prevents the "bad guys" from stealing your information for malicious intent. I would like to know that,
Q.1 Is it compulsory for web hosting providers to get SSL Certification?
Q.2 Certificate Authority who issued the certificate, the root and the country it was issued in ?
I am working on a website for a new service company that I started. I wanted the site to be secure so I followed the necessary steps on godaddy but now when people go to the page, a pop up says "do you want to display non secure items.."
I'm transitioning from a shared account to a VPS and am trying to run it as securely as practical.
I've been looking at ways of keeping administrative connections to the server secure. So far I've considered VPN technologies like L2TP/IPSec and RAS but they don't seem suitable for what I need.
I just want a simple encypted, tamper-proof, computer-to-server connection in a Windows Server environment.
I have issue with qmail server. I want to update ssl certificate and for this i have replaced older servercert.pem with new servercert.pem file in /var / qmail/ control/. and restart service of qmail using qmailctl restart.But after updating this certificate my web browser still showing older certificate details.
I installed a new ssl certificate, changed it to be default and secure Plesk, switched the IP to use it. Now I wanted to remove the old one but it shows me that there is still one usage of this cert and I can't remove it. But how can I find what is using it?
I tried to remove the ssl certificate but although I have removed it from the IP I'm getting an error that it is still assigned to it. The solution in [URL] .... didn't work cause the Certificate field is grey out in my case.
I am replacing the default certificate in Plesk so that customers do not get a certificate warning when visiting the panel login page.
I've created the certificate in the "SSL Certificates" section made it default and used it to secure Plesk. However I've still got all the existing domains using the old default certificate, how can I do a mass changeover so that all existing domains are now using the new certificate?
I've updated the IP's to use the new certificate. When I go to "SSL Certificates" in "Tools and Settings", it seems that there are some domains now using the new certificate but quite a lot of the other are still not, how can I get these over too?
I’ve read the documentations of (PBAS, Plesk, and Securing Websites).how to add SSL Certificate to our Webmail? In addition, I need to know, how to request CSR key and install SSL for our mail server in order for us to protect our emails and to use the SSL Protocol in mail softwares such as Outlook? I will explain the scenario in details:
1- We have (www.example.com) which is our "Plesk Server hostname" and a subscription in our "Plesk Server". 2- We have (pbas.example.com) which is our "PBAS Server hostname" and it's not a subscription in our "Plesk Server". 3- We have (account.example.com) which is a "Subscription" in our "Plesk Server".
Here are the DNS records of our domain and subdomains: Host-Type-Data -A-192.168.1.30 www-A-192.168.1.30 mail-A-192.168.1.30 pbas-A-192.168.1.31 account-A-192.168.1.32 -MX-example.com.
how to generate CSR key for each domain/subdomain and how to install the SSL for it? Our "Plesk" is 11.5 and installed on CentOS 6.4.
When using `plesk bin --update domain.example.com -certificate-name 'certificate'`, Plesk always returns `Unable to find certificate`, I have verified the certificate exists using `plesk bin certificate -l -admin` and the spelling of the certificate name is correct. I can use the WebUI to associate the certificate to the site and have verified it works, however I need to automate this task.
Also, the online documentation for the `plesk bin site` command does not mention the `-certificate-name` option, however it is listed when running `plesk bin site -h`.
The documentation missing the information is found here: [URL] ....
I'm running Parallels Plesk 12 on Debian GNU/Linux 7.6...I have a valid certificate for my mail server : mail.mydomain.tld but I don't find the place in Plesk 12 to put it.
My System: Ubuntu 12.04 Plesk 12.0.18 Update #18 Only Webserver no mail
What I want: I have an old sha1 certificate and I would change this for the whole server.
What I have done so far: I have already uploaded the new sha256 certificate with a new private key to plesk (I can not simply replace the old one, plesk does not allow me to upload a new private key).
Then I set the new certificate as standard certificate and pressed the "secure pannel" button.
After that the panel uses the new certificate.
Then I set in "Tools & Settings -> IP Addresses" on both IP addresses the new certificate.
Reboot
But now the "Tools & Settings -> SSL Certificates" shows me that the old certificate is still used 2 times somewhere. But the Interface does not show where it is used. How can I find out where this certificate is used? I want to remove the old certificate from the server.
I've got an issue with the intermediate certificate, I need to provide additional to my certificate. As usual, I created a cert bundle with certs in following order:
- key data (BEGIN RSA PRIVATE KEY) - crt data (BEGIN CERTIFICATE - intermediate data (BEGIN CERTIFICATE)
And uploaded it successful to Plesk 12 certificate management. In Chrome, it's working. In Firefox not (as the intermediate cert is not provided by Plesk 12, and Firefox requires it).
How to inject the intermediate certificate for Plesk 12?
