Please fill out the fields below so we can help you better. Note: you must provide your domain name to get help. Domain names for issued certificates are all made public in Certificate Transparency logs (e.g. https://crt.sh/?q=example.com), so withholding your domain name here does not increase secrecy, but only makes it harder for us to provide help.
I ran this command:
I have PLESK and was able to get a CSR text.
There is a way to load the .crt file in this Plesk implementation but I did not get how to go from this CSR to the .crt
Let’s encrypt extension on Plesk is not provided because the provider does not offer free certificate, and does not help do it.
It produced this output:
My web server is (include version):
The operating system my web server runs on is (include version):
But you have to do that manual (uploading a file to your webserver). And Letsencrypt certificates are only 90 days valide, so you have to do that every 60 - 85 days.
Thanks
I’ll look at that ZeroSSL site…
I understand this is not an easy solution but apparently there is no other one.
By the way I noticed on this community forum someone who said he was offering a plugin for wordpress.
Is this a good solution since I am using Wordpress for my site?
Hi,
I finally generated the key from ZeroSSL.com and uploaded it to my website using the Plesk interface (at least this is possible with this provider).
Everything looks nice but at the end the website still displays “not secured”.
Is it a timing problem or something else?
Hi,
I am sorry, I don’t understand what you mean by “Your non-www version has the wrong certificate and is insecure.”
I have one certificate only and in my Plesk interface I indicated that I preferred to use adar.fr better than www.adar.fr. But if that creates a problem I may just go and stick with www.adar.fr.
But I just changed it to avoid this adar.fr possibility but I still do not get a secured site.
One certificate can have one or more domain names.
You should create one certificate with two domain names - adar.fr + www.adar.fr.
So create a new Certificate Signing request and use that with ZeroSSL.
You can do that but this isn't the problem. A domain should always have two dns entries (www + non-www), one correct certificate with both domain names and correct redirects http -> https and https + non-preferred -> https + preferred. It's not really relevant if the non-www or the www-version is preferred, both versions should answer.
As you can see on thi image the hosting params are for adar.fr and it’s just a preference to use www.adar.fr. And for this I have to provide only one certificate.
I have another domain on the same server which is appinventor.adar.fr, and after issuing the certificate for this domain, I can call it with https://appinventor.adar.fr and get the lock. it shows it as a secure one.
This site is a redirection from the domain name appinventor.fr, but if I call appinventor.fr it opens appinventor.adar.fr but not secure.
There are certainly some basic knowledge on Domain names/redirection/SSL that I am missing.
I’m going to sleep, maybe something will surge tomorrow.
Thanks