Learn how to fix – “Plesk Server Certificate does NOT include an ID which matches the server name”. Our Plesk Support team is here to help you with your questions and concerns.

Plesk Server Certificate does NOT include an ID which matches the server name

Did you run into an error similar to the one below while accessing a Plesk panel or other services over HTTPS?

[ssl:warn] [pid 4122] AH01707: ip-xxx-xx-x-x.abcd.compute.internal:443:0 server certificate does NOT include an ID which matches the server name

Worry not, our Experts are here to help!

This error indicates a mismatch between the server name and the SSL certificate’s identifiers, which prevents a seamless, secure connection.

Today, we are going to explore the causes of this issue, how to fix it, and best practices for preventing it in the future.

An Overview:

• What Triggers the Error?
• Possible Causes
• How to Fix the Error
• How to Verify the Fix
• Additional Considerations
• Preventing Future SSL Errors

What Triggers the Error?

When a client (e.g., web browser or email client) accesses a server over HTTPS, it validates the SSL certificate by checking the following:

1. The certificate is signed by a trusted Certificate Authority (CA).
2. The certificate is still valid and hasn’t expired.
3. The server name matches the certificate’s Common Name (CN) or Subject Alternative Names (SAN) field.

If the server name (e.g., server.example.com) does not match any identifiers in the SSL certificate, the client displays a warning or error. The error message suggests that the server is presenting a certificate that does not include an identifier matching the requested name.

Possible Causes

• The domain we are using (e.g., https://server.example.com) is not included in the SSL certificate’s CN or SAN fields.
• The server uses a self-signed SSL certificate, which often lacks a domain that matches the server’s public name.
• The certificate might have originally matched the domain but has since expired.
• The SSL certificate may not have been properly installed or assigned to services like the Plesk panel, mail server, or web server.

How to Fix the Error

1. First, verify that the domain we are using to access Plesk matches the domain in the SSL certificate. If using a subdomain or alternate URL, ensure it is listed in the certificate’s SAN field.
2. Then, consider obtaining a certificate from a trusted Certificate Authority (CA) or use free options like Let’s Encrypt. Ensure that the certificate’s CN or SAN fields cover the required domain or subdomain.
3. If the certificate has expired, renew it with the CA or use Plesk’s built-in Let’s Encrypt feature to issue a new certificate. Regularly monitor SSL certificate expiration dates to avoid this issue in the future.
4. Now, it is time to reconfigure SSL/TLS Settings in Plesk. So, log in to the Plesk panel.
5. Then, go to Tools & Settings > SSL/TLS Certificates.
6. Finally, ensure that the correct certificate is selected for the Plesk server and associated services.

In case the certificate is already present but not applied properly:

• Reinstall or reassign the certificate to specific services.
• For web services. go to Domains > [Your Domain] > Hosting Settings and assign the correct certificate.

How to Verify the Fix

• Clear the browser’s cache to eliminate cached errors.
• Then, access Plesk again using the correct domain (e.g., https://server.example.com).
• If properly configured, the error should no longer appear, and the connection will be secure.

Additional Considerations

• Wildcard Certificates

  If we need to secure multiple subdomains (e.g., sub1.example.com, sub2.example.com), consider using a wildcard SSL certificate (*.example.com).
• DNS Settings

  Verify that the DNS records point to the correct server, especially if we have recently changed server names or domains.

Preventing Future SSL Errors

• Use tools or scripts to monitor SSL certificates and receive alerts before they expire.
• Automate renewal and deployment of SSL certificates with tools like Let’s Encrypt and Plesk extensions.
• Ensure that DNS settings and server names align with the identifiers in your SSL certificates.
• Establish consistent naming conventions for domains, subdomains, and server names to avoid mismatches.

[Need assistance with a different issue? Our team is available 24/7.]

Conclusion

The error message server certificate does NOT include an ID that matches the server name highlights a misalignment between the server’s name and its SSL certificate. By identifying the root cause—whether it’s a mismatched domain, expired certificate, or misconfiguration—and following the fixes outlined above, we can restore secure connectivity.

In brief, our Support Experts demonstrated how to fix – “Plesk Server Certificate does NOT include an ID which matches the server name”.