I have from Godaddy an ssl certificate that expires in two months. My hosting is also a Godaddy Windows VPS. The automatic renew of godaddy renew my certificate and send me an email to download and install it. So I went to my godaddy account: My products/ SSL Certificates/ then I have click on manage in my web site name that is on ssl certificates. There I can see on certificate details that the validation period is from today and until 1 year after today. Above I can see three buttons (Download, Reissue, History). I Select download and then in the type of server I select “Other” and then I press download. (I selected “Other” because it doesn’t has “Plesk”). So the zip file is downloaded in my pc and when I unzip it I can see the CRT file, such as 123456789.crt and the certificate bundle file. I Login in the Plesk of my VPS and go to Websites & Domains/MyDomain/Secure Your Sites . There in the SSL Certificates I click on the one that is running now in my domain and expires in two months. There, in the page "Change Properties of SSL Certificate"/ in the area “Upload the certificate files”/ for the “Certificate” I select browse and then select the 123456789.crt file. Also for the “CA certificate “ I select browse and then I select the certificate bundle file. Then I press Send files. A green bar appears at the top and say that the ssl certificates installed correctly in my server. I logout and then open a Mozilla Firefox to browse to my site. Unfortunately I see that I still have the old ssl certificate because the expiration date is in two months and not after one year. What I am missing?
It may occur due to the fact that the bindings for domain's IP address and the old certificate still exist in IIS. You can fix it over RPD using the following steps:
1. Connect to the Plesk server via RDP.
2. Start a command prompt as an Administrator and copy all bindings to the file:
netsh http show sslcert > C:\certificates.txt
3. Now open the file certificates.txt and find all bindings related to the domain IP address. For example:
IP:port : 203.0.113.2:443
Certificate Hash : 136d8c631b2f3e5f4c7f80828f130f365a416037
Application ID : {4dc3e181-e14b-4a21-b022-59fc669b0914}
Certificate Store Name : WebHosting
Verify Client Certificate Revocation : Enabled
Verify Revocation Using Cached Client Certificate Only : Disabled
Usage Check : Enabled
Revocation Freshness Time : 0
URL Retrieval Timeout : 0
Ctl Identifier : (null)
Ctl Store Name : (null)
DS Mapper Usage : Disabled
Negotiate Client Certificate : Disabled
If an IP binding is present, remove it:
netsh http delete sslcert ipport=203.0.113.2:443
4. Restart IIS:
iisreset
If the access via RDP is not possible, contact GoDaddy. You may refer to this article to explain the issue to them - https://support.plesk.com/hc/en-us/articles/115001128073.