Plesk FF3 security error message on login

j-z · 09-20-2008, 12:30 PM

The new FireFox (v.3) makes the hoop jumping a bit worse in regards to login to Plesk. It used to be you'd just click "yes" to accept the fact that the certificate on Epsilon was outdated or non-existant. Now you need to "add an exception".

To explain this to clients is a bit of a hassle. I'm wondering if it's possible to buy a security certificate for Epsilon? So that there would be no need for my clients to "add an exception."

error looks like this:
Secure Connection Failed

epsilon.control-access16.com:8443 uses an invalid security certificate.

The certificate is only valid for control-access16.com

(Error code: ssl_error_bad_cert_domain)

**NexDog** · 09-20-2008, 10:50 PM

I could buy a cert for the control-access16.com domain name so your clients could access Plesk via that. But it's not very transparent for resellers as some quick googling will lead people back here.

j-z · 09-21-2008, 02:40 PM

I saw a thread on the portal where resellers were talking about adding some code to a page on their company website that would allow Plesk login for their clients -- in a seemingly transparent way. But then it seemed this approach was not longer working? Maybe I'm missing something here?

On the other hand, I haven't had a client question "control-access16" and they see that URL any time their mailbox is over the limit, anyway. If there is something I can be doing better in terms of creating a transparent experience, I'd be interested to know about it. If not, purchashing a certificate for control-access16 would be a good fix for me.

**RobbieLePommie** · 09-21-2008, 07:51 PM

I've never had anyone question control-access16 either, but nor the certificate. But personlly I wouldn't mind a valid certificate either, but appreciate those that prefer to stay anonymous.

The hack for Plesk stopped working a while ago. We naver had time to find out why - my suspicion was that we'd need to add a iFrame, but I never tested the theory.

**susannad** · 09-21-2008, 08:18 PM

it costs a fortune to buy a certificate doesn't it?

**MikeMann** · 09-22-2008, 12:01 AM

Quote:

Originally Posted by susannad

it costs a fortune to buy a certificate doesn't it?

All depends on where you get it from

Got support to put up a new cert for Delta (control-access14.com) put at delta.control-access14.com that was self-signed. Still have to add an exception, but not an issue for me since I have no clients.

**MikeMann** · 09-22-2008, 12:11 AM

Quote:

Originally Posted by j-z

I saw a thread on the portal where resellers were talking about adding some code to a page on their company website that would allow Plesk login for their clients -- in a seemingly transparent way. But then it seemed this approach was not longer working? Maybe I'm missing something here?

Actually I have a script I wrote some time ago (just tested and it seems to still work), but you will still need to add an exception. So, without a valid SSL Certificate keeping the need for the exception away, the script will not do much. Now, after a certificate is added (one from a trusted authority), the script I have will allow you to place a form on your page users can login from.

**susannad** · 09-22-2008, 03:49 AM

Yes, but I can't just get myself a certificate can I?

**NexDog** · 09-22-2008, 04:39 AM

Plesk runs on its own web service and its that service that needs to be secured and can only be done by one certificate - hence the need for an anonymous domain. We get certs pretty cheap now so I don't mind doing all servers but I'd prefer to wait until we've finished all the migrations and server mergers. Basically the 20 linux shared/reseller servers are being condensed into 10 beasty Dual Quad Core Xeon 5420 Harpertowns with 4GB RAM and 4 x 500GB SATA II drives in RAID 10. We've just done Sigma, Lamda, Gamma and Eta. Will do 4 more next month and try and be done by Christmas.

Meanwhile:

https://www.control-access16.com:8443/

**susannad** · 09-22-2008, 05:29 AM

10 beasties? (gulp)