Https not working

martingbravo1 · August 22, 2020, 9:36pm

I use [Plesk Obsidian 18.0.28 ] if i put my https://domain.com not secure but if i use https://some.domain.com work how ii fixet.

Tk

freessltools.com · August 22, 2020, 10:55pm

Welcome!

We will need your actual domain name to diagnose this.

martingbravo1 · August 22, 2020, 11:06pm

vpscozumel.com is the doomain name

freessltools.com · August 22, 2020, 11:32pm

So I did some checking. Your certificate issuance history through https://crt.sh/?q=vpscozumel.com looks like you’ve gotten a ton of valid certificates issued today for various domain/subdomain combinations. The certificate your website is actually serving for vpscozumel.com and www.vpscozumel.com has serial number 03b5925e6b6b442f9c09dbb5487d919a9d78, so those are working.

I think the problem is that you have included insecure content on your page. See https://www.missingpadlock.com and test your site to get more information. Your SSL is working, but you’re including content that is not delivered securely.

Screenshot_20200822-172006_Samsung Internet

martingbravo1 · August 23, 2020, 12:13am

I only have 1 index page whit 1 img

freessltools.com · August 23, 2020, 12:36am

Yep. And that one image is not included with https and thus is not secure. Just put an “s” after the http in your image tag and you’re good to go.

martingbravo1 · August 23, 2020, 1:03am

Tks friend working…

freessltools.com · August 23, 2020, 2:00am

martingbravo1 · August 23, 2020, 2:47am

when ii trie to enter https://domaain.com:8443. not woorking or https://ip:8443

freessltools.com · August 23, 2020, 3:22am

I’ve seen this somewhere before. Is the port really 8443 and not 443? I get great responses on vpscozumel.com:443 and www.vpscozumel.com:443.

JuergenAuer · August 23, 2020, 7:44am

Hi @martingbravo1

there are checks of your domain - see https://check-your-website.server-daten.de/?q=vpscozumel.com#ct-logs - last is some hours old:

You have created different certificates:

Issuer	not before	not after	Domain names	LE-Duplicate
Let's Encrypt Authority X3	2020-08-22	2020-11-20	*.vpscozumel.com, vpscozumel.com - 2 entries	duplicate nr. 2
Let's Encrypt Authority X3	2020-08-22	2020-11-20	*.vpscozumel.com, vpscozumel.com - 2 entries	duplicate nr. 1
Let's Encrypt Authority X3	2020-08-22	2020-11-20	vpscozumel.com - 1 entries	duplicate nr. 1
Let's Encrypt Authority X3	2020-08-22	2020-11-20	vpscozumel.com, webmail.vpscozumel.com, www.vpscozumel.com - 3 entries	duplicate nr. 1

Your port 443 uses the wildcard, so non-www and www are secure.

Your port 8443 / Plesk uses the certificate with only one domain name:

CN=vpscozumel.com
	22.08.2020
	20.11.2020
expires in 89 days	vpscozumel.com - 1 entry

So your non-www port 8443 has a valid certificate, your www port 8443 not, there is your invalid certificate.

See the port check part:

www.vpscozumel.com
	8443
	Plesk Administration (https)
	open
	https://www.vpscozumel.com:8443/
Http-Status: 303
	Certificate is invalid Redirect: https://www.vpscozumel.com:8443/login.php?success_redirect_url=https%3A%2F%2Fwww.vpscozumel.com%3A8443%2F

Change that.

not woorking or https://ip:8443

A certificate with an ip as SAN is required. Letsencrypt doesn't create such certificates.

PS: Your domain has a HSTS header. So you can't create an exception in your browser to use www + 8443. Never add HSTS header if you don't know if your certificate configuration is really working.

system · September 22, 2020, 7:44am

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.