Knowledge Base

Installing an SSL certificate on Plesk Onyx

As soon as an SSL certificate is activated, and all validation requirements are met, the SSL certificate will be issued and sent to your administrative contact email address. When the SSL certificate is received, you are welcome to start the installation process.

The most frequent SSL tasks for Plesk panel are described below:

  • Enable HTTPS connection
  • Redirect HTTP to HTTPS
  • SSL installation when CSR was generated elsewhere
  • Retrieve a private key for multiple SSL installations
  • Secure Plesk login page and mail services
  • Secure webmail

  1. Enable HTTPS connection

    Depending on the Plesk account type, you can see two web interfaces:

    • 'Service Provider view' is the default for Server Administrator and Reseller accounts;
    • 'Power User view' is the default for Customer account.
  2. 1.1) For 'Service Provider view', go to 'Domains' section and click on your domain name that you are going to secure:

    instplesko1

    1.2) Click on 'SSL/TLS Certificates'

    instplesko2

    1.3) For 'Power User view', go to 'Websites & Domains' > Find the right domain name and click on 'SSL/TLS Certificates'

    instplesko3

    1.4) Further instructions will be the same for both views. You will see the title of your SSL for which CSR code was generated, click on it to proceed. The faded C (certificate) and A (CA certificate) icons indicate that SSL certificate file and CA bundle have not uploaded yet.

    instplesko4

    1.5) On the next page you will see the option to upload SSL certificate file (.crt) and CA certificate (.ca-bundle) which can be downloaded from ZTABOX email.

    instplesko5

    1.6) Also, it is possible to upload SSL certificate and CA certificate in text format. Make sure that there are no extra spaces in CA certificate code:

    instplesko6

    1.7) Once done, you will see the successful message and certificate (C) and certificate authority (A) icons will become brighter.

    instplesko7

    1.8) Next step is to assign SSL certificate to the hosting services:

    instplesko8

    1.9) Find your SSL certificate in drop-down list and click 'OK'

    instplesko9

    1.10) Successful SSL installation will be indicated with this message.

    instplesko10

    You can also check it using this tool: here

  3. Redirect HTTP to HTTPS
  4. To force HTTPS connection, you need to choose 'Hosting settings' (step 1.8), tick 'Permanent SEO-safe 301 redirect' option and click 'Apply'.

    instplesko11

  5. SSL installation when CSR was generated elsewhere (you have private key, SSL certificate file and CA bundle)
  6. 3.1) Go to 'Domains' section and choose your domain name for 'Service Provider view' (step 1.1-1.2) or 'Websites & Domains' (step 1.3).

    3.2) Click 'Add SSL/TLS Certificate'

    instplesko12

    3.3) Put the name of SSL certificate, upload Private key, SSL certificate and CA certificate (CA bundle) either in separate files:

    instplesko13

    OR in text format:

    instplesko14

    3.4) Choose the domain name (steps 1.1-1.2 or 1.3) and complete steps 1.8-1.10 to assign this SSL certificate to the particular domain name. SSL installation can be checked by this tool: here

  7. Retrieve a private key for multiple SSL installations
  8. In order to use the same SSL certificate (Multi-Domain, Wildcard, etc.) for other domain names, or hosting servers the private key is required.

    If you successfully installed SSL certificate to the Plesk Panel, the private key along with all SSL certificates can be downloaded following the steps 1.1-1.2, 1.3 and clicking on green arrow. The SSL certificates and the private key will be provided in PEM format.

    instplesko15

  9. Secure Plesk login page and mail services:
  10. 5.1) In order to secure Plesk login page and mail services (SMTP, IMAP, POP3) you need to login as Administrator or have administrator privileges. Go to 'Tools and Settings' and click 'SSL/TLS certificates'

    instplesko16

    5.2) You will see two options: 1) Securing Plesk (login page) and 2) Securing mail.

    instplesko17

    5.3) Choose correct SSL certificate and click OK:

    instplesko18

    5.4) The successful installation will indicate the following message:

    instplesko19

    5.5) You can check the login page by entering your domain name and 8443 port:

    instplesko20

    5.6) To secure mail services SMTP (25, 465), POP3 (110, 995), IMAP (143, 993) with SSL certificate, follow steps 5.1-5.2 and click on the second option 'Change'. The SSL installation process will be the same as shown in steps 5.3-5.4.

  11. Secure webmail
  12. 6.1) To secure webmail interface, go to 'Domains' section and choose your domain name for 'Service Provider view' (step 1.1-1.2) or 'Websites & Domains' (step 1.3) and click on 'SSL/TLS Certificates'.

    6.2) Choose SSL certificate, click 'Secure Webmail' and check a successful notification.

    instplesko21

    6.3) You can check the webmail service using webmail subdomain along with your domain name in this format: https://webmail.example.com:

    instplesko22