Nowadays, a hosting package is no longer complete if no SSL certificate has been set up on the package. Our packages (in principle) come standard with a certificate from Let's Encrypt. Basically, because the DNS will have to point to our server. If so, the certificate will be placed automatically. Let's Encrypt certificates are automatically renewed.
In addition, the settings for our new hosting packages are such that the domain name will always be built up via a https connection.There are two ways to place an SSL certificate in Plesk: one is by activating a free Let's Encrypt certificate, and the other is by placing a (paid) certificate.
A Let's Encrypt certificate is free and has a term of three months. After that, the certificate must be replaced. We have a script running on our servers that ensures automatic replacement from day 60.
NB! Let's Encrypt also offers wildcard certificates. This means that the certificate is not replaced automatically. The reason for this is that a wildcard certificate requires DNS verification, and our hosting servers cannot write into our DNS.
Paid certificates have a longer term. The installation is not automated and must be done manually.
Placing a Let's Encrypt certificate
- Log in to the Plesk control panel.
- Click (under the heading of the site to be secured) on the link" SSL/TLS Certificates" (under the heading" Security ")
- Choose (at the bottom of the page) the option" Install a free basic certificate provided by Let's Encrypt" and click on the" Install" button
- A screen half slides across the screen. The "Secure the domain name" option will already be checked. All other checkmarks are optional, although the www. is recommended to bring. If you opt for a wildcard, keep in mind that you must manually add a line to the DNS (this will appear after clicking on "Get it free".
- Click on" Get it free" . After about a minute, a green bar on the Plesk page will inform you that the certificate has been placed.
Scroll all the way down:
You can select what to secure, if just one domain or all alias.
Placing a purchased certificate
After purchasing a certificate, you will receive a zip file from the CA containing your certificate and supporting files.
- Log in to the Plesk control panel.
- Click (under the heading of the site to be secured) on the link" SSL/TLS Certificates" (under the heading" Security ")
- There is now a link with the name you provided when requesting the CSR (see below). Click this.
- Open the .zip file you received from the CA. It contains a folder called Plesk-cPanel-DirectAdmin . Open this folder.
- You will see two .txt files. They both have the name of your website, as you provided it when creating the CSR. One ends with 'cacrt.txt', the other with 'crt.txt'.
- The page you opened in step 3 shows two large fields where you can paste the contents of the above files. Do that now. And click on" Upload Certificate "
- Scroll all the way down and click the“ Save ” button
- The certificate is now placed and put into use.
How do I create a CSR in Plesk?
A Certificate Signing Request (CSR) is required to request an SSL certificate. Generate the CSR along with the Private Key on the web server. For a wildcard certificate, enter a * (asterisk) as CN (Common Name) instead of the subdomain, for example *.example.com (and not www.example.com).
Create CSR
- Log in to the Plesk control panel.
- Click (under the heading of the site to be secured) on the link "SSL/TLS Certificates" (under the heading "Security")
- Click the "Add SSL/TLS Certificate" button. (You may also get a screen where you can buy various (Comodo) certificates. In that case, choose "Download or remove existing certificates" and click on the "Manage" button). A new page will open. Fill in the fields there to create a CSR, and then click the "Request" button. You will now return to the previous page.
- There is now a link with the name you gave to the request in the previous step. Click this. Scroll down. Here is the CSR.
Copy the entire content of the created CSR, including start and end lines, to order a certificate.