256-bit SSL
Digital Web Certificates
Installing your Certificate with
Plesk Server Administrator 2.5
Please note that these files were adapted from online resources available at http://www.plesk.com/html/products/psa/doc.htm
Important: Installation is a two step process - ensure you follow
both steps listed below:
Step 1: Upload your SSL certificate
Upload a New SSL Certificate You will be sent 3 certificates via
email from Comodo. The certificate named after your domain name or server is the
only file from the email that you will need - this is your SSL Certificate.
- Firstly you need to create a SSL Certificate block
text. To do this open your Certificate in a text editor such as
notepad.
- When you applied for a Certificate your Plesk console will have
emailed you a CSR and a Private Key. Locate the email and copy
the Private Key (not the CSR) into the text file you have just
created containing your SSL Certificate. It should look something
like:
-----BEGIN RSA PRIVATE KEY-----
[[ENCODED BLOCK OF TEXT]]
-----END RSA PRIVATE KEY-----
-----BEGIN CERTIFICATE-----
[[ENCODED BLOCK OF TEXT]]
-----END CERTIFICATE-----
Make sure the -----BEGIN CERTIFICATE----- etc are still displayed
within the text file.
Save this file as a TXT file somewhere easily accessible from
your Plesk console.
- In Plesk access the domain management function by clicking on
the Domains button at the top of the PSA interface. The Domain
List page appears.
- Click the domain name that you want to work with. The
Domain Administration page appears.
- Click the Certificate button. The SSL Certificate page
appears.
- In the Uploading Certificate File section click browse
and locate the saved file just created.
- Then, click Send File to copy the certificate to the
server. Or, if you want to type in the text of the certificate
without downloading a specific file, click in the text box and
enter and paste the certificate information.
- Click Send Text to implement the text on the server.
When you download the certificate to the server, PSA checks for
errors. If an error is detected, PSA restores the old version
of the SSL certificate, and PSA warns you to update the certificate.
At this point, you can try again to enter text or to download
the certificate file.
When you are satisfied that the SSL certificate is correctly implemented,
click Up Level to return to the Domain Administration page.
Step 2: Uploading the Rootchain Certificate
To
ensure your Certificate is trusted by all browsers you need to install a
rootchain certificate for the domain:
- Access the domain management function by clicking on the Domains button at
the top of the PSA interface. The Domain List page appears.
- Click the domain name that you want to work with. The Domain
Administration page appears.
- Click the Certificate button. The SSL Certificate setup page
appears.
- The icon next to Use rootchain certificate for this domain appears
on this page.
- If the icon is [ON] then the rootchain certificate will be enabled
for this domain. If the icon is [X] this function will be disabled.
- Ensure the icon is [X] before continuing to step 7.
- To upload your rootchain certificate, first make sure that it has
been saved on your local machine or network (save it to disk now
by clicking here). Use the Browse button to search for and select the
appropriate rootchain certificate file.
- Then click the Send File button. This will upload your rootchain
certificate to the server to assure proper authentication of the InstantSSL
certificate authority.
- Click the icon button again to set it to the [ON] state.
- When you are satisfied that the rootchain certificate is correctly
implemented, click Up Level to return to the Domain Administration page.
Advanced Notes on Certificates:
- In order to use SSL certificates for a given domain,
the domain MUST be set-up for IP-Based hosting.
- When an IP-based hosting account is created with SSL
support, a default SSL certificate is uploaded automatically.
However, this certificate will not be recognized by a browser
as one that is signed by a certificate signing authority.
- If the given domain has the www prefix enabled, you
must set-up your CSR or self-signed certificate with the www prefix
included. If you do not, you will receive a warning message when
trying to access the domain with the www prefix.
- All certificates are located in the ../vhosts/'domain
name'/cert/httpsd.pem file. Where this directory reads "domain
name", you must enter the domain name for which the certificate
was created.
|