Problem#

When logging in to a Plesk server via a web browser (e.g. https://pleskxx.hyve.com:8443/), a message is displayed warning that the certificate in place is not trusted because it is ‘self signed’. Specific warning messages differ from browser to browser.

Explanation#

An SSL certificate is in place to confirm encryption of data being sent and received at the server from a client browser.

On our Plesk servers we use 'self-signed' certificates, which means that although we use 128bit encryption on the data, it is not guaranteed by a certification authority. Instead we sign the certificates directly on the servers themselves, so that we are not paying for a yearly certificate subscription from a third party, such as VeriSign unnecessarily. Technically there is absolutely no difference between the two types of certificate. The self signed certificates offer identical encryption to those issued by an authority.

The only real difference is that your browser recognises certain certification authorities, (such as VeriSign) so it can not confirm that the certificate is real/valid and that the site physically warranties certain levels of financial transactions. (Usually up to £10,000 per transaction). However, since we do not accept credit card data, nor do we sell anything via the Plesk control panel, there is no point in offering this transaction warranty, and therefore no point in having a third party issue the certificate.

Any data entered into the Plesk control panel is guaranteed to be 128bit encrypted and secure, even though the browser displays a message to indicate that the certificate is not valid. The reason this message is displayed is because the browser doesn’t by default recognise the issuing body (self-signed). All of our Plesk servers are hosted behind Cisco firewalls, using port 8443 via 128bit SSL encryption, so it would be extremely difficult to intercept the data stream between the browser and our Plesk servers.

Solution#

Continue past the warning message into the control panel. This is achieved in different ways depending on the browser. In Internet Explorer, there is a link to continue whereas in Firefox, an exception must be added. Simply follow the instructions on the screen to continue past the warning intro the control panel.

NOTE#

It is strongly recommended that you DO NOT use any website that displays a warning message of this type if you intend to enter any sensitive data such as card details.

Add new attachment

Only authorized users are allowed to upload new attachments.
« This page (revision-1) was last changed on 24-May-2017 15:30 by Hyve Support
G’day (anonymous guest) My Prefs
  • View Page Source
  • This clear IPSec security association,
    clear ipsec sa peer X.X.X.X
    

All Pages

Page views: 1574

Private Tomcat

Linux

MySQL

Email

SQL Server

ASP

JSP

C#

Web Mail

Windows Plesk

Linux Plesk

PHP

Gaming

ASP.NET

Persits ASPUpload

Wiki Help

Referring Pages:
...nobody

JSPWiki v2.8.1