Installing your Certificate with Plesk Server Administrator 2.5
SSL Products
SSL FAQ's
SSL Support

Support Menu

SSL Support Home

Browser Compatibility

FAQs & Solutions


SSL Application Stages:

1. Creating a CSR

2. Buy a Certificate now

3. Doc Requirements

4. Installing a Certificate

5. Display Site Seal

Step 1: Upload your SSL certificate

Upload a New SSL Certificate
You will be sent 3 certificates via email from Comodo. The certificate named after your domain name or server is the only file from the email that you will need - this is your SSL Certificate.

  • Firstly you need to create a SSL Certificate block text. To do this open your Certificate in a text editor such as notepad.
  • When you applied for a Certificate your Plesk console will have emailed you a CSR and a Private Key. Locate the email and copy the Private Key (not the CSR) into the text file you have just created containing your SSL Certificate. It should look something like:

  • -----BEGIN RSA PRIVATE KEY-----
    [[ENCODED BLOCK OF TEXT]]
    -----END RSA PRIVATE KEY-----

    -----BEGIN CERTIFICATE-----
    [[ENCODED BLOCK OF TEXT]]
    -----END CERTIFICATE-----

    Make sure the -----BEGIN CERTIFICATE----- etc are still displayed within the text file.
    Save this file as a TXT file somewhere easily accessible from your Plesk console.

  • In Plesk access the domain management function by clicking on the Domains button at the top of the PSA interface. The Domain List page appears.
  • Click the domain name that you want to work with. The Domain Administration page appears.
  • Click the Certificate button. The SSL Certificate page appears.
    In the Uploading Certificate File section click browse and locate the saved file just created.
  • Then, click Send File to copy the certificate to the server. Or, if you want to type in the text of the certificate without downloading a specific file, click in the text box and enter and paste the certificate information.
  • Click Send Text to implement the text on the server.

When you download the certificate to the server, PSA checks for errors. If an error is detected, PSA restores the old version of the SSL certificate, and PSA warns you to update the certificate. At this point, you can try again to enter text or to download the certificate file.

When you are satisfied that the SSL certificate is correctly implemented, click Up Level to return to the Domain Administration page.

Step 2: Uploading the Rootchain Certificate

To ensure your Certificate is trusted by all browsers you need to install a rootchain certificate for the domain:

  • Access the domain management function by clicking on the Domains button at the top of the PSA interface. The Domain List page appears.
  • Click the domain name that you want to work with. The Domain Administration page appears.
  • Click the Certificate button. The SSL Certificate setup page appears.
  • The icon next to Use rootchain certificate for this domain appears on this page.
  • If the icon is [ON] then the rootchain certificate will be enabled for this domain. If the icon is [X] this function will be disabled.
  • Ensure the icon is [X] before continuing to step 7.
  • To upload your rootchain certificate, first make sure that it has been saved on your local machine or network (save it to disk now by clicking here). Use the Browse button to search for and select the appropriate rootchain certificate file.
  • Then click the Send File button. This will upload your rootchain certificate to the server to assure proper authentication of the InstantSSL certificate authority.
  • Click the icon button again to set it to the [ON] state.
  • When you are satisfied that the rootchain certificate is correctly implemented, click Up Level to return to the Domain Administration page.

Advanced Notes on Certificates:

  • In order to use SSL certificates for a given domain, the domain MUST be set-up for IP-Based hosting.
  • When an IP-based hosting account is created with SSL support, a default SSL certificate is uploaded automatically. However, this certificate will not be recognized by a browser as one that is signed by a certificate signing authority.
  • If the given domain has the www prefix enabled, you must set-up your CSR or self-signed certificate with the www prefix included. If you do not, you will receive a warning message when trying to access the domain with the www prefix.
  • All certificates are located in the ../vhosts/'domain name'/cert/httpsd.pem file. Where this directory reads "domain name", you must enter the domain name for which the certificate was created.