Support / KnowledgeBase

 
Search the KnowledgeBase Search

Installing an SSL Certificate

  • Applies to: (dv) 3.5, (dv) 4.0, (gs)

  • Difficulty: Medium

  • Time needed: 30 minutes

  • Tools needed: AccountCenter access or Plesk administrator access

 
  • Applies to: (gs)
    • Difficulty: Medium
    • Time Needed: 30
    • Tools Required: AccountCenter access
  • Applies to: (dv) 4.0
    • Difficulty: Medium
    • Time Needed: 20
    • Tools Required: Plesk administrator access
  • Applies to: (dv) 3.5
    • Difficulty: Medium
    • Time Needed: 20
    • Tools Required: Plesk administrator access
  • Applies to: (ve)
    • Difficulty: Medium
    • Time Needed: 20
    • Tools Required: SSH access

Overview

If you need an SSL certificate, you can either purchase one from (mt) Media Temple or install a third-party certificate yourself.

You can purchase a certificate from any certifying authority that provides Apache certificates. Regardless of which provider you choose, the basic steps for your (mt) Media Temple server are the same.

  1. Generate a CSR (certificate request).
  2. Submit the CSR to your third-party certifying authority, and fill out their requested information.
  3. Receive the certificate (and any chain certificates, if necessary) from your certifying authority.
  4. Import the certificate and any chain certificates to your (mt) Media Temple server.

These steps are covered in more detail below.

End of Life Warning

This service has a pending End of Life. Please move to a current service as soon as possible. For more information, please see: (dv) Dedicated-Virtual 4.0: Migration Information.

TIP:

Already have a certificate? You may be able to skip the CSR part of the instructions and simply import your certificate and private key from the previous server. See Moving an SSL Certificate from another server for details.

Automatically installing a (mt) Media Temple SSL certificate

  1. Sign into your AccountCenter.
  2. From the "Overview" page, click on the "Admin" button next to the SSL certificate.
  3. Click on the "Install/Reinstall SSL Certificate" option.
  4. Choose your (gs) Grid-Service, and press the green "Install" button. You will be prompted to agree to a verification, because as part of the SSL installation your IP address may change. Also if you already have an existing SSL certificate installed onto the chosen (gs) Grid-Service account, it will be overwritten.
  5. The green "Install" button will change to "Installing," and when complete it will update to say "Success!" If instead it updates with an error message, try again to install, or contact support.

NOTE:

Your domain is assigned a new IP address once you install the certificate. You shouldn't notice any downtime for your site, due to the (gs) Grid-Service architecture, but the certificate won't become effective for up to 24 hours.

If you use third-party DNS, please update your IP address in the zone file for the domain.

  • Find your new IP address in your Server Guide, in the DNS section, under IP Address.

Manually installing a (mt) Media Temple SSL certificate

  1. Sign into your AccountCenter.
  2. From the "Overview" page, click on the "Admin" button next to the SSL certificate.
  3. Click on the "Certificate Information" button then click the words "View Certificate Data"
  4. Open a text editor program, then copy into the program the full text content to the left of the following sections:
    • Private Key
    • SSL Certificate
    • CA / Chain Certificate
  5. Mouse over the "Domains" tab and click on your primary domain from the drop-down menu.
  6. Click SSL Certificate

    Ac cert.png

  7. Click import certificate.

    Ac cert import.png

  8. On your computer, open your SSL certificate with a plain text editor. See Step 4 for details.
  9. Copy the certificate from the text editor and paste it into the Certificate field in the AccountCenter. Copy the entire thing, including the beginning and ending lines.

    Ac cert importtxt.png

  10. Perform the same steps to copy and paste the private key and CA / chain certficate into the Private Key and CA/Chain Certificate field, one after the other. Again, include the beginning and ending lines.
  11. Click save.
  • Your site is now encrypted by an SSL certificate. You must visit your site over https:// to see the effects. Make sure you use the exact domain or subdomain for which you purchased the certificate.

Manually installing a third-party SSL certificate

  • Obtain your certificate, and any required chain certificates, from your certifying authority. You may be prompted to download something called a bundle. Do so, unzip it if necessary, and open it. You will likely have one certificate and three chain certificates inside. You can open these files in a text editor, such as Notepad or TextEdit, for easy copying and pasting.
    • Chain certificates are also called CA certificates.
  • Import your certificate and any chain certificates.
    1. Sign into the AccountCenter.
    2. Click on your primary domain.
    3. Click SSL Certificate

      Ac cert.png

    4. Click import certificate.

      Ac cert import.png

    5. On your computer, open your SSL certificate with a plain text editor.
    6. Copy the certificate from the text editor and paste it into the Certificate field in the AccountCenter. Copy the entire thing, including the beginning and ending lines.

      Ac cert importtxt.png

    7. If you have any chain certificates, or CA certificates, paste those into the CA/Chain Certificate field, one after the other. Again, include the beginning and ending lines for each chain certificate.
    8. Click save.
  • Your site is now encrypted by an SSL certificate. You must visit your site over https:// to see the effects. Make sure you use the exact domain or subdomain for which you purchased the certificate.

Automatically installing a (mt) Media Temple SSL certificate

NOTE:

Automatic installation requires Plesk 10.3 or newer, with Apache SNI support enabled. This allows multiple SSL Certificates to be installed on a shared IP address. For more information and steps to enable SNI support, please see: How can I host multiple sites on a single IP address?

  1. Sign into your AccountCenter.
  2. From the "Overview" page, click on the "Admin" button next to the SSL certificate.
  3. Click on the "Install/Reinstall SSL Certificate" option.
  4. Choose your (dv) Dedicated-Virtual Server, and press the green "Install" button. You will be prompted to agree to a verification, because as part of the SSL installation your IP address may change. Also if you already have an existing SSL certificate installed onto the chosen (dv) Dedicated-Virtual Server account, it will be overwritten.
  5. The green "Install" button will change to "Installing," and when complete it will update to say "Success!" If instead it updates with an error message, try again to install, or contact support.

Manually installing a (mt) Media Temple SSL certificate

Plesk 10.3.1 and newer, with SNI support enabled

If you are using the Power User Panel, you can get to the SSL certificate management section by following these steps:

  • a) Log into the Plesk Control Panel for your domain.
  • b) From the row of tabs at the top, select Websites & Domains.
  • c) Click on Secure Your Sites.

If you are using the Service Provider Panel, you can get to the SSL certificate management section by following these steps:
You must have the Server Administration Panel enabled. For instructions, please see: How can I change my Plesk interface?

  • a) Log into the Plesk Server Administrator Panel.
  • b) From the left-menu, click on Domains from the Hosting Services section.
  • c) Click on Manage Hosting or Open in Control Panel for the domain you are installing the SSL certificate for.
  • d) From the row of tabs at the top, select Websites and Domains.
  • e) Click on Secure Your Sites.

Once you are at the SSL Certificates screen, continue with installing the SSL certificate by following the instructions below.

  1. Click on the Add SSL Certificate icon.
  2. Fill in the Certificate name field. This will help you identify this certificate in the repository.
  3. Scroll down to the section called Upload certificate as text towards the bottom of the page.
  4. On your computer, open your SSL certificate with a plain text editor.
  5. Copy and paste the Private Key contents into the Private Key section on the page, making sure to copy the text that starts with the line -----BEGIN RSA PRIVATE KEY----- and ends with the line -----END RSA PRIVATE KEY-----.
  6. Perform the same steps to copy and paste the certificate and CA certificate into the Certificate and CA Certificate field, one after the other. Again, include the beginning and ending lines.
  7. Click the Send Text button to save the SSL certificate to the server.
  8. Next, we need to make sure SSL support is enabled for that domain. Click on the Up Level icon in the upper right-hand corner to get started.
  9. Click on the domain name, listed towards the bottom of the page to get to Hosting Settings.
  10. Under the Security section, check the box for Enable SSL support and select the SSL certificate for your domain. Click OK to save these settings.

Plesk 10.2 and lower, without SNI support

  1. Sign into your AccountCenter.
  2. From the "Overview" page, click on the "Admin" button next to the SSL certificate.
  3. Click on the "Certificate Information" button then click the words "View Certificate Data"
  4. Open a text editor program, then copy into the program the full text content to the left of the following sections:
    • Private Key
    • SSL Certificate
    • CA / Chain Certificate

NOTE:

The following steps depend on what Plesk interface you use. Even though the color scheme might be different, the steps remain the same.

Power User Panel

  1. Log into the Plesk Control Panel for your domain. See Figure 1:


    Figure 1: The Plesk Control Panel. Click for a larger view.

  2. Click on the Server tab. See Figure 2:.


    Figure 2.

  3. Under Tools & Resources, click on SSL Certificates.
  4. Click on the Add SSL Certificate icon.
  5. Fill in the Certificate name. This will help you identify this certificate in the repository.
  6. Scroll down to the section called Upload certificate as text.
  7. On your computer, open your SSL certificate with a plain text editor.
  8. Copy and paste the Private Key contents into the Private Key section on the page, making sure to copy the text that starts with the line -----BEGIN RSA PRIVATE KEY----- and ends with the line -----END RSA PRIVATE KEY-----.
  9. Perform the same steps to copy and paste the certificate and CA certificate into the Certificate and CA Certificate field, one after the other. Again, include the beginning and ending lines.
  10. Click Send Text to save the SSL certificate to the server.
  11. Next, we need to assign the certificate to the IP address. Click again on the on Server tab, click on IP Addresses, then click on your IP address.
  12. From the SSL Certificate drop-down menu, select the certificate you installed and click on the OK button.

Service Provider Panel

You must have the Server Administration Panel enabled. For instructions, please see: How can I change my Plesk interface?

  1. Log into the Plesk Server Administrator Panel.
  2. From the left-menu, click on Tools & Utilities.
  3. Click on SSL Certificates.
  4. Click on Add SSL Certificate.
  5. Fill in the Certificate name. This will help you identify this certificate in the repository.
  6. Scroll down to the section called Upload certificate as text.
  7. On your computer, open your SSL certificate with a plain text editor.
  8. Copy and paste the Private Key contents into the Private Key section on the page, making sure to copy the text that starts with the line -----BEGIN RSA PRIVATE KEY----- and ends with the line -----END RSA PRIVATE KEY-----.
  9. Perform the same steps to copy and paste the certificate and CA certificate into the Certificate and CA Certificate field, one after the other. Again, include the beginning and ending lines.
  10. Click Send Text to save the SSL certificate to the server.
  11. Next, we need to assign the certificate to the IP address. Click again on Tools & Utilities, click on IP Addresses, then click on your IP address.
  12. From the SSL Certificate drop-down menu, select the certificate you installed and click on the OK button.

Installing a third-party SSL certificate

Plesk 10.3.1 and newer, with SNI support enabled

If you are using the Power User Panel, you can get to the SSL certificate management section by following these steps:

  • a) Log into the Plesk Control Panel for your domain.
  • b) From the row of tabs at the top, select Websites & Domains.
  • c) Click on Secure Your Sites.

If you are using the Service Provider Panel, you can get to the SSL certificate management section by following these steps:
You must have the Server Administration Panel enabled. For instructions, please see: How can I change my Plesk interface?

  • a) Log into the Plesk Server Administrator Panel.
  • b) From the left-menu, click on Domains from the Hosting Services section.
  • c) Click on Manage Hosting or Open in Control Panel for the domain you are installing the SSL certificate for.
  • d) From the row of tabs at the top, select Websites and Domains.
  • e) Click on Secure Your Sites.

Once you are at the SSL Certificates screen, continue with installing the SSL certificate by following the instructions below.

  1. Click on the Add SSL Certificate icon.
  2. Fill in the Certificate name field. This will help you identify this certificate in the repository.
  3. Specify the certificate properties:
    • Certificate name. This will help you identify this certificate in the repository.
    • Bits. Use the option for 2048 for a more secure SSL certificate.
    • Your location and organization name. The values you enter should not exceed the length of 64 symbols.
    • Domain name. The domain name for which you want to purchase an SSL certificate. This should be a fully qualified domain name. For this example, we use: dv-example.com.
    • Email. The website administrator's e-mail address.
  4. Double-check to ensure that all the provided information is correct and accurate, as it will be used to generate your private key.
  5. Click the Request button. Your private key and certificate signing request will be generated and stored in the repository.
  6. In the list of certificates, click the name of the certificate you just created. A page showing the certificate properties opens.
  7. Locate the CSR section on the page, and copy the text that starts with the line -----BEGIN CERTIFICATE REQUEST----- and ends with the line -----END CERTIFICATE REQUEST----- to the clipboard.
  8. Submit your CSR to your third-party certifying authority. Fill out any information they require. When you fill in the server type, select Apache or Apache OpenSSL, whichever is available.
    • Verisign - choose Apache
    • Thawte - choose Apache_OpenSSL
    • GeoTrust - choose Apache + Open SSL
  9. It may take a few days for the certifying authority to process your request. If you have questions about the status of your request, please contact your third-party vendor.
  10. Obtain your certificate, and any required chain certificates, from your certifying authority. You may be prompted to download something called a bundle. Do so, unzip it if necessary, and open it. You will likely have one certificate and up to three chain certificates inside. You can open these files in a plain text editor, such as Notepad or TextEdit, for easy copying and pasting. Chain certificates are also called CA certificates.
  11. Return to the SSL certificates repository (Websites & Domains > Secure Your Sites), and select the previously created SSL certificate.
  12. Scroll down to the section called Upload certificate as text towards the bottom of the page.
  13. On your computer, open your SSL certificate with a plain text editor.
  14. Copy and paste the Private Key contents into the Private Key section on the page, making sure to copy the text that starts with the line -----BEGIN RSA PRIVATE KEY----- and ends with the line -----END RSA PRIVATE KEY-----.
  15. Perform the same steps to copy and paste the certificate and CA certificate into the Certificate and CA Certificate field, one after the other. Again, include the beginning and ending lines.
  16. Click the Send Text button to save the SSL certificate to the server.
  17. Next, we need to make sure SSL support is enabled for that domain. Click on the Up Level icon in the upper right-hand corner to get started.
  18. Click on the domain name, listed towards the bottom of the page to get to Hosting Settings.
  19. Under the Security section, check the box for Enable SSL support and select the SSL certificate for your domain. Click OK to save these settings.

Manually installing a third-party SSL certificate for Plesk 10.3 and lower (without SNI enabled)

Power User panel

  1. Log into the Plesk Control Panel for your domain. See Figure 1:


    Figure 1: The Plesk Control Panel. Click for a larger view.

  2. Click on the "Server" Tab.

    Figure 2.

  3. Under Tools & Resources, click on SSL Certificates.
  4. Click on the Add SSL Certificate icon.
  5. Specify the certificate properties:
    • Certificate name. This will help you identify this certificate in the repository.
    • Your location and organization name. The values you enter should not exceed the length of 64 symbols.
    • Domain name. The domain name for which you want to purchase an SSL certificate. This should be a fully qualified domain name. For this example, we use: dv-example.com.
    • Email. The website administrator's e-mail address.

    Double-check to ensure that all the provided information is correct and accurate, as it will be used to generate your private key.

  6. Click the Request button. Your private key and certificate signing request will be generated and stored in the repository.
  7. In the list of certificates, click the name of the certificate you just created. A page showing the certificate properties opens.
  8. Locate the CSR section on the page, and copy the text that starts with the line -----BEGIN CERTIFICATE REQUEST----- and ends with the line -----END CERTIFICATE REQUEST----- to the clipboard.
  9. Submit your CSR to your third-party certifying authority. Fill out any information they require. When you fill in the server type, select Apache or Apache OpenSSL, whichever is available.
    • Verisign - choose Apache
    • Thawte - choose Apache_OpenSSL
    • GeoTrust - choose Apache + Open SSL

    It may take a few days for the certifying authority to process your request. If you have questions about the status of your request, please contact your third-party vendor.

  10. Obtain your certificate, and any required chain certificates, from your certifying authority. You may be prompted to download something called a bundle. Do so, unzip it if necessary, and open it. You will likely have one certificate and three chain certificates inside. You can open these files in a text editor, such as Notepad or TextEdit, for easy copying and pasting. Chain certificates are also called CA certificates. Import your certificate and any chain certificates.
  11. Return to the SSL certificates repository (Tools & Settings > SSL Certificates). Upload the SSL certificate: Click Browse in the middle of the page and navigate to the location of the saved certificate.
  12. Select it, and then click Send File. This will upload and install the certificate against the corresponding private key.
  13. Return to the SSL Certificates repository (Tools & Settings > SSL Certificates).
  14. Next, we need to assign the certificate to the IP address. Click on Tools & Utilities and click on IP Addresses.
  15. From the SSL Certificate drop-down menu, select the certificate you installed and click on the OK button.

Service Provider Panel

You must have the Server Administration Panel enabled. For instructions, please see: How can I change my Plesk interface?

  1. Log into the Plesk Server Administrator Panel.
  2. From the left-menu, click on Tools & Utilities.
  3. Click on SSL Certificates.
  4. Click on Add SSL Certificate.
  5. Specify the certificate properties:
    • Certificate name. This will help you identify this certificate in the repository.
    • Your location and organization name. The values you enter should not exceed the length of 64 symbols.
    • Domain name. The domain name for which you want to purchase an SSL certificate. This should be a fully qualified domain name. For this example, we use: dv-example.com.
    • Email. The website administrator's e-mail address.

    Double-check to ensure that all the provided information is correct and accurate, as it will be used to generate your private key.

  6. Click the Request button. Your private key and certificate signing request will be generated and stored in the repository.
  7. In the list of certificates, click the name of the certificate you just created. A page showing the certificate properties opens.
  8. Locate the CSR section on the page, and copy the text that starts with the line -----BEGIN CERTIFICATE REQUEST----- and ends with the line -----END CERTIFICATE REQUEST----- to the clipboard.
  9. Submit your CSR to your third-party certifying authority. Fill out any information they require. When you fill in the server type, select Apache or Apache OpenSSL, whichever is available.
    • Verisign - choose Apache
    • Thawte - choose Apache_OpenSSL
    • GeoTrust - choose Apache + Open SSL

    It may take a few days for the certifying authority to process your request. If you have questions about the status of your request, please contact your third-party vendor.

  10. Obtain your certificate, and any required chain certificates, from your certifying authority. You may be prompted to download something called a bundle. Do so, unzip it if necessary, and open it. You will likely have one certificate and three chain certificates inside. You can open these files in a text editor, such as Notepad or TextEdit, for easy copying and pasting. Chain certificates are also called CA certificates. Import your certificate and any chain certificates.
  11. Return to the SSL certificates repository (Tools & Settings > SSL Certificates). Upload the SSL certificate: Click Browse in the middle of the page and navigate to the location of the saved certificate.
  12. Select it, and then click Send File. This will upload and install the certificate against the corresponding private key.
  13. Return to the SSL Certificates repository (Tools & Settings > SSL Certificates).
  14. Next, we need to assign the certificate to the IP address. Click on Tools & Utilities and click on IP Addresses.
  15. From the SSL Certificate drop-down menu, select the certificate you installed and click on the OK button.

Manually installing a (mt) Media Temple SSL certificate

Every SSL certificate needs to be on its own IP address. If you need only one certificate on your server, you are welcome to replace the default Plesk certificate with your new purchased certificate, and you will not need a new IP. However, if you do not want to replace the existing certificate on your current IP address, you will need to purchase a new IP for your server ($5.00 per month). Please get the new IP and update the domain before proceeding.

  1. Sign into your AccountCenter.
  2. From the "Overview" page, click on the "Admin" button next to the SSL certificate.
  3. Click on the "Certificate Information" button then click the words "View Certificate Data"
  4. Open a text editor program, then copy into the program the full text content to the left of the following sections:
    • Private Key
    • SSL Certificate
    • CA / Chain Certificate
  5. Log into the Plesk Server Administrator Panel.
  6. From the left-menu, click on Server button.
  7. Click on SSL Certificates.
  8. Click on Add SSL Certificate.
  9. Fill in the Certificate name. This will help you identify this certificate in the repository.
  10. Scroll down to the section called Upload certificate as text.
  11. On your computer, open your SSL certificate with a plain text editor.
  12. Copy and paste the Private Key contents into the Private Key section on the page, making sure to copy the text that starts with the line -----BEGIN RSA PRIVATE KEY----- and ends with the line -----END RSA PRIVATE KEY-----.
  13. Perform the same steps to copy and paste the certificate and CA certificate into the Certificate and CA Certificate field, one after the other. Again, include the beginning and ending lines.
  14. Click Send Text to save the SSL certificate to the server.
  15. You will now need to assign the certificate to your IP address. Click again on the Server button on the left.

    Plesk server.png

  16. Click on IP Addresses.

    Plesk server ip.png

  17. Click on the IP address for this domain.

    Plesk server ip ip.png

  18. Select your new certificate from the SSL Certificate dropdown, then click OK.

    Plesk server ip cert.png

  • Make sure your domain has SSL support enabled.
    1. Click on Domains on the left.

      Plesk domains.png

    2. Click on Setup.

      Plesk domain setup.png

    3. Make sure SSL support is enabled, under Preferences. Also, decide whether you want to allow the server to display the contents of the httpdocs directory over https://. If so, select Use a single directory for housing SSL and non-SSL content. If not, leave it unchecked.

      Plesk domain setup ssl.png

  • Your site is now encrypted by an SSL certificate. You must visit your site over https:// to see the effects. Make sure you use the exact domain or subdomain for which you purchased the certificate.

Manually installing a third-party SSL certificate

  1. Generate your CSR (certificate request).
    1. Log into Plesk.
    2. Click on Server,

      Plesk server.png

    3. Click on Certificates.

      Plesk server cert.png

    4. Click Add New Certificate.

      Plesk server cert add.png

    5. Fill in the form details, then click Request.

      Plesk server cert adddetails.png

      • Certificate name: The name you will use in Plesk to reference this certificate. Must be different from your other certificates.
      • Bits: 2048 if your certificate vendor supports it.
      • Country: Your country. This section and the next three will auto-fill with your Plesk information.
      • State or province: Your state or province.
      • Location (City): Your city.
      • Organization name (company): Your company.
      • Organization department/division name: Optional. Your department.
      • Domain name: This is the domain or subdomain for which you want the certificate. Some common examples: example.com, www.example.com, store.example.com. Note that you MUST use this same domain or subdomain on your site for the certificate to work properly.
      • E-mail: The email address that you want to receive correspondence regarding this certificate.

      TIP:

      If you're not sure what to put in any of these fields, contact your certificate vendor - they will be the ones verifying your company details before they generate your certificate.

    6. You will be returned to the main Certificates page.
    7. Click on the certificate you just generated.

      Plesk server cert newcert.png

    8. Scroll down. You'll see your CSR and Private key. Copy the chunk of text for the CSR, including the beginning and ending lines, into the form your certificate vendor supplies.

      Plesk server cert csr.png

      If you need to access the CSR again, please follow steps a-c and g above.

  2. Submit your CSR to your third-party certifying authority. Fill out any information they require. When you fill in the server type, select Apache or Apache OpenSSL, whichever is available.
    • Verisign - choose Apache
    • Thawte - choose Apache_OpenSSL
    • GeoTrust - choose Apache + Open SSL

    If you need to access the CSR again, follow steps a-c and g above, then scroll down to the CSR.

    • It may take a few days for the certifying authority to process your request. If you have questions about the status of your request, please contact your third-party vendor.
  3. Obtain your certificate, and any required chain certificates, from your certifying authority. You may be prompted to download something called a bundle. Do so, unzip it if necessary, and open it. You will likely have one certificate and three chain certificates inside. You can open these files in a text editor, such as Notepad or TextEdit, for easy copying and pasting.
    • Chain certificates are also called CA certificates.
  4. Import your certificate and any chain certificates.
    1. Log into Plesk.
    2. Click on Server,

      Plesk server.png

    3. Click on Certificates.

      Plesk server cert.png

    4. On your computer, open your SSL certificate with a plain text editor. See Step 3 for details.
    5. Copy the certificate from the text editor and paste it into the Certificate field in Plesk. Copy the entire thing, including the beginning and ending lines.

      Plesk server cert insert.png

    6. If you have any chain certificates, or CA certificates, paste those into the CA certificate field, one after the other. Again, include the beginning and ending lines for each chain certificate.
    7. Click Send Text at the bottom.
    8. Alternately, you can upload the certificate and any CA certificates using the Browse buttons. The files have to be plain text. When you're done, click Send File.

      Plesk server cert upload.png

  5. You will now need to assign the certificate to your IP address. You will also need to make sure SSL support is enabled for your domain, which is covered in the next step. Skip to the next step if you uploaded the certificate under the Domains section.
    1. Click on Server on the left.

      Plesk server.png

    2. Click on IP Addresses.

      Plesk server ip.png

    3. Click on the IP address for this domain.

      Plesk server ip ip.png

    4. Select your new certificate from the SSL Certificate dropdown, then click OK.

      Plesk server ip cert.png

  6. Make sure your domain has SSL support enabled. Also, if you uploaded the certificate to your domain, you will now need to select that certificate for the domain.
    1. Click on Domains on the left.

      Plesk domains.png

    2. Click on Setup.

      Plesk domain setup.png

    3. Make sure SSL support is enabled, under Preferences. Also, decide whether you want to allow the server to display the contents of the httpdocs directory over https://. If so, select Use a single directory for housing SSL and non-SSL content. If not, leave it unchecked.

      Plesk domain setup ssl.png

    4. Your site is now encrypted by an SSL certificate. You must visit your site over https:// to see the effects. Make sure you use the exact domain or subdomain for which you purchased the certificate.

Manually installing a (mt) Media Temple SSL certificate

  1. Sign into your AccountCenter.
  2. From the "Overview" page, click on the "Admin" button next to the SSL certificate.
  3. Click on the "Certificate Information" button then click the words "View Certificate Data"
  4. Either choose Download to get a zip file of your SSL certificate, or click View Certificate Data and copy the contents of the SSL certificate.
  5. Install the SSL certificate according to whatever steps your program requires.

Troubleshooting

When I visit my site over https://, I get a certificate warning like this:

This is an untrusted certificate

  • See if your SSL certificate requires a chain certificate. Contact your certifying authority if you did not receive the chain certificate. Review the steps above to upload the chain certificate(s) to your server.
  • Make sure you added all of your chain certificates to the server. There are usually three.
  • Make sure the certificate has not expired.
  • Contact your certifying authority for further assistance.

This web site does not supply ownership information

  • Make sure you replaced the default Plesk certificate for your domain.
  • Plesk has a bug that makes uploaded certificates show as self-signed. If this is your first time adding an SSL certificate to the server, run this one-liner in SSH:
cd /etc/httpd/conf.d/; cp ssl.conf ssl.conf.old && sed '/VirtualHost/,$  s/^/#/'  ssl.conf.old > ssl.conf && service httpd restart

NOTE:

If you purchased your SSL Certificate from (mt), GeoTrust SSLs do not supply ownership information, only domain verification. The above command does not apply in this case.

This Connection is Untrusted

  • Use the exact domain or subdomain for which you purchased the SSL certificate. It matters whether you use the "www" or not in the URL. Adjust links, redirects, and URL settings on your website as necessary.
  • On the (gs) Grid-Service, wait 24 hours for your IP address to update.
  • Make sure you updated your DNS to point your domain to your new IP address.

This Page Contains Both Secure and Non-Secure Items

  • Do you include any regular http:// links on your page? Make sure you switch them all to https://, or use relative paths for links.

The web page doesn't show up!

  • Log into Plesk, click on Domains, click on your domain, then on Setup. Select the option to Use a single directory for housing SSL and non-SSL content.

    Plesk domain setup ssl.png

  • Wait 12 hours for your DNS change to finish propagating.

Why do I receive a wrong certificate error via HTTPS?

Please see this article for a solution.

Unable to upload new SSL certificate due to error

Please see this article for additional information.

Browse by Service
Virb (1)
(gs) Grid-Service (562)
(dv) Dedicated-Virtual Server (1158)
(ve) Server (69)
ProCDN (9)
Browse by Category
Account Management (59)
API (0)
Databases and MySQL (31)
DNS, Domains, and Registrations (55)
Email (90)
FTP (20)
Migrations (11)
Plesk (140)
Security and Hack Recovery (17)
Server Settings and Optimization (58)
SSH (32)
SSL Certificates (14)
Troubleshooting (111)
Web Applications (134)
 

Continue