SSL Certificate issues
Why do I see SSL / TLS certificate issues connecting my Plesk server and what are the risks?¶
Evaluating the security of the connection to Plesk server My Plesk checks if a valid SLL/TLS certificate is installed for Plesk panel and it is issued by a trusted certificate authority. This is the default security requirement with just a few exceptions when you see one of the following warning messages:
- Certificate expired obviously means that the existing certificate is no longer valid and should be renewed.
- Hostname/IP does not match certificate's altnames message is shown when the common name to which the certificate is issued (e.g., pleskserver.com) doesn't exactly match the hostname used for adding the server. This error can happen even if the correct certificate is installed properly. For example, you connect the server via the IP address or an internal name but the certificate was issued to the fully-qualified domain name (or vice versa).
- Finally, you will see Self-signed certificate or Self-signed certificate in certificate chain messages when a self-signed certificate or a certificate issued by your company (which is not a trusted Certificate Authority) is installed for your Plesk panel.
All the above messages mean that My Plesk does not find a trusted identification to prove that it connects to the server you specified. Ignoring these warnings and accepting the risks you should remember that in this case the connection may be vulnerable to man-in-the-middle (MITM) attacks.