“Warning: The CA certificates does not sign certificate” in Plesk

Most often this warning occurs with the installation of Comodo domain-validated certificates in Plesk, such as PositiveSSL, EssentialSSL, PositiveSSL Wildcard and Multi-domain one etc. As these certificates are multi-chain ones, CA Bundle consists of one Root and two Intermediate Certificates(SHA-2 based), that’s why during Certificate installation you need to put these certificates in the Chain in a particular order, otherwise a warning message will appear.

You need to download and paste CA certificates into a new file in the following order for EssentialSSL:

  1. COMODORSADomainValidationSecureServerCA.crt
  2. COMODORSAAddTrustCA.crt
  3. AddTrustExternalCARoot.crt

Alternatively, you can download a completed Bundle in the correct order from members panel.

The order in which you place the contents of these files creating CA Bundle is permanent, and should be followed as described above. No blank lines should be presented between the certificates when you copy them into a new file. Afterwards you need to forward this new file to Plesk when it asks for the CA Certificate.

If you are still experiencing any issues after submitting a correct Bundle, feel free to contact our Support Team.


0 Dislikes