Suddenly SSL not "Secured" for some Domains anymore


#1

Please fill out the fields below so we can help you better. Note: you must provide your domain name to get help. Domain names for issued certificates are all made public in Certificate Transparency logs (e.g. https://crt.sh/?q=example.com), so withholding your domain name here does not increase secrecy, but only makes it harder for us to provide help.

My domain is: https://konsolenumbau.expert

I ran this command: none

It produced this output: none

My web server is (include version): nginx 1.11.10

The operating system my web server runs on is (include version): CentOS Linux 7.4.1708 (Core)‬

My hosting provider, if applicable, is: Alfahosting

I can login to a root shell on my machine (yes or no, or I don’t know): Yes

I’m using a control panel to manage my site (no, or provide the name and version of the control panel): Plesk Onyx // Version 17.5.3 Update #43

Hello everybody.
First of all i like to thank everybody involved here for building such a great Community and I´m looking forward to get my Problem solved here.

So, im running the Server with the upper Specs and everything was working fine. Till a week or so.
Problem is, everytime i want to log in my Plesk Panel Chrome and also FF warns me now that my SSL Certificate isn´t secure anymore. This wasn´t the case a week ago and it popped up suddenly like this.

Then when i try to connect to my other Domain “konsolenumbau-luebeck.de” via Outlook, wich is just used to receive Emails now, Outlooks also warns me, that the Cert used for securing EMail isn´t valid anymore.

Error Message is: (sorry i have to translate it via Google) “the goal-principal name is wrong”

As far as i understnad these things thats because the Domain from wich the Certificate was “ordered” is Konsolenumbau.Expert. But why did this work all the weeks before. I run a few other Domains for my Wife. All these Domains are proper Secured when you open them in any Browser but when she wants to fetch her Mails via Outlook the same Error Message pops up. Like on my Mail accounts that wasn´t the case before.

So to bring it on point. When login in to my WebPanel i get that “not secured” Warning and when fetching Emails on other Domains than “Konsolenumbau.Expert” i get an Warning that the Principal-Name is wrong.

What can i do against this Problems?

Thanks a lot I´m looking forward to your suggestions.
Have a great Day you all.

Greets Seb


#2

A certificate is valid only for each name it is issued for. If you want to connect to a service and don’t use a host name which is included in the certificate, you will always get a warning.

The reason it worked before could be, that you confirmed a security exception for a certificate. This is valid as long as the certificate does not change. However: a new certificate for konsolenumbau.expert has been issued on 2018-03-21, so the possible warning message will reappear.

I recommend using correct host names or issuing certificates for all valid host names you use.


#3

Thanks a lot for helping me out.
As i do all that certification Thing via the Let´s Encrypt AddOn of my Plesk Installation i guess they are the one
o help my out further right? Cause i just can seem to expire the allready given Certs.

Or would you prefer doing all this Certification Stuff handish via SSH anyway?

thanks a lot.


#4

Hi,

It seems your domain has already got the certificate @ Mar.18th.

And the certificate is present. (P.S. your root certificate is missing which might cause chain-incomplete)

Thank you


#5

Thank You.

Yep something isn´t Setup there properly for sure…

I guess i have to start all over again to set it up right from the beginning.
So i have to read all over again cause i can´t afford to have my Shop Down a hole Day.

Is there a tutorial on here in combination with Plesk how to Set things up the right way?


#6

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.