256-bit SSL
Digital Web Certificates
Generating a Certificate Signing Request
(CSR) using Plesk Server Administrator 2.5
Please note that these files were adapted from online resources
available at http://www.plesk.com/html/products/psa/doc.htm
A CSR is a file containing your certificate application information,
including your Public Key. Generate your CSR and then copy and paste
the CSR file into the webform in the enrollment process.
Important Notes on Certificates
- In order to use SSL certificates for a given domain,
the domain MUST be set-up for IP-Based hosting.
- When an IP-based hosting account is created with SSL support,
a default SSL certificate is uploaded automatically. However,
this certificate will not be recognized by a browser as one that
is signed by a certificate signing authority.
- The default SSL certificate can be replaced by either a self-signed
certificate or one signed by a recognized certificate-signing
authority. The self-signed certificate is valid and secure, but
many clients prefer to have a certificate signed by a known Certificate
Signing Authority.
- You can generate a certificate with the SSLeay utility and
submit it to any valid certificate authority. This can be done
using the CSR option within PSA.
- If the given domain has the www prefix enabled, you must set-up
your CSR or self-signed certificate with the www prefix included.
If you do not, you will receive a warning message when trying
to access the domain with the www prefix.
- Remember to enter your certificate information in PEM format.
PEM format means that the RSA Private Key text must be followed
by the Certificate text.
- All certificates are located in the ../vhosts/'domain name'/cert/httpsd.pem
file. Where this directory reads "domain name", you must enter
the domain name for which the certificate was created.
Generate a Self-signed Certificate or Certificate Signing Request
Access the domain management function by clicking on
the Domains button at the top of the PSA interface. The Domain List
page appears.
- Click the domain name that you want to work with. The Domain
Administration page appears.
- If you have established an IP based hosting account with SSL
support, the Certificate button will be enabled.
- Click the Certificate button. The SSL certificate setup page
appears.
- The Certificate Information: section lists information needed
for a certificate signing request, or a self-signed certificate.
You must fill out these fields before generating your CSR or self-signed
certificate.
- The Bits selection allows you to choose the level of encryption
of your SSL certificate. Select the appropriate number from the
drop down box next to Bits:.
- To enter the information into the provided text input fields
(State or Province, Locality, Organization Name and Organization
Unit Name (optional)) click in the text boxes and enter the appropriate
name.
- To enter the Domain Name for the certificate, click in the
text box next to Domain Name: and enter the appropriate domain.
- The domain name is a required field. This will be the only
domain name that can be used to access the Control Panel without
receiving a certificate warning in the browser. The expected format
is www.domainname.com or domainname.com.
- Click on the Request button.
- Selecting Request results in the sending of a certificate-signing
request (CSR) to the email address you provided in the certificate
fields discussed above. When a CSR (certificate signing request)
is generated there are two different text sections, the RSA Private
Key and the Certificate Request. Do not lose your RSA private
key. You will need this during the certificate installation process.
Losing it is likely to result in the need to purchase another
certificate.
- Copy and paste the Certificate Request emailed to you into
the InstantSSL web form where it requests a CSR (Certificate Signing
Request).
- When you are satisfied that the SSL certificate has been generated
or the SSL certificate request has been correctly implemented,
click Up Level to return to the Domain Administration page.
|
