Plesk Hosting Server Certificate Renewal (2020)
The following announcement only affects customers who host their own domain name on our Plesk hosting server.
We have renewed our SSL/TLS security certificate for our Plesk hosting server. This renewed certificate will be used for connections to the Plesk server and the Plesk Control Panel. This includes FTPS and email connections (POP3, IMAP, SMTP). We will be enabling this renewed certificate early next week, which is the week beginning on, Monday, August 17, 2020.
Server security certificates, which enable secure communication, have to be renewed on a regular basis. Previously, it was possible to renew every two years. However, recent industry mandated changes will only allow a maximum of one year, before a renewal is required. We renewed our certificate shortly before the new industry mandated changes went into effect, so we shouldn’t have to renew, again, until late in 2022.
In most cases you will not notice anything different when a certificate is renewed. However, some software may prompt you to confirm using the new certificate (See further below, to confirm the certificate you are presented with belongs to us.).
Potential Email Clients Issues
Some buggy, or poorly designed, email clients may stop working when a certificate is renewed. We have no control over those buggy, or poorly designed, email clients. However, some known problematic scenarios, and possible workarounds, are listed below…
Apple Mail Issues
We are aware that some Apple mail clients, especially iOS mail clients on the iPhone and iPad, are frequently affected, and display a “Cannot Verify Server Identity” error, without a way to proceed further (such as selecting the Details > Trust, or Continue/Accept button). This has been a known issue with those Apple mail clients for years, and it is outside of our control. If you are affected, the only known solution is to follow the steps, below:
- Remove all affected email accounts from the Apple iOS device. Go to Settings –> Accounts & Password –> [Account Name] –> Delete Account.
- Then delete all outgoing mail servers, associated with the previously removed email accounts, in settings.
- Re-add the mail account(s). Contact our office if you need help or instructions.
We apologize for the inconvenience, but this is outside of our control. Hopefully Apple will update their Mail App, on iOS, to resolve this longstanding issue that may occur when certificates are renewed.
Thunderbird 68 Issues
There are some reports that, beginning with Thunderbird version 68, a bug was introduced. This potential bug may prevent the dialog box from appearing which normally allows creating a necessary certificate exception. Certificate Exceptions are typically created for custom hostnames (something like mail.your-domain-name.tld) on shared hosting servers.
If Thunderbird stops checking for mail, or generates certificate error messages, without prompting you to add a certificate exception, you may change the incoming and outgoing mail server names from “mail.your-domain-name.tld” to “host.widomaker.com” to avoid the error. However, eventually, you will need to change them back to your custom mail hostname (mail.your-domain-name.tld).
For the security conscious, if you want to make sure the certificate, you are presented with, belongs to Widomaker, you may view the certificate and verify the Fingerprint matches the following:
|Issued By:||Sectigo RSA Domain Validation Secure Server CA|
|Begins On:||Wednesday, August 12, 2020|
|Expires On:||Friday, November 11, 2022|