During Plesk installation, Plesk and the mail server are automatically secured
with a free SSL/TLS certificate from Let’s Encrypt. If, for some reason,
it did not happen, we recommend that you manually secure Plesk and the
mail server with an SSL/TLS certificate from a certificate authority of your choice.
To secure Plesk and the mail server with a certificate from other
certificate authorities:
-
Go to Tools & Settings > SSL/TLS Certificates (under
“Security”) and click the + Add button. -
Fill in the fields marked with the asterisk. Pay particular attention
to the following fields:- “Certificate name”. Give the certificate a recognizable name so
you can tell it apart from other certificates in the server
repository. - “Bits”. The more bits, the more secure the certificate. We
recommend using the default value (4096). - “Domain name”. Make sure that the name in this field matches the
server hostname.
- “Certificate name”. Give the certificate a recognizable name so
-
If all the provided information is accurate, click Request.
Plesk will generate a private key and a certificate signing request
and display them in under “List of certificates in server pool”. -
Find the certificate under “List of certificates in server pool” and
click its name. This will open a page showing the certificate
properties. -
Copy the whole content of the “CSR” section (including
-----BEGIN CERTIFICATE REQUEST-----and
-----END CERTIFICATE REQUEST-----) to clipboard. -
Visit the website of the certificate authority of your choice and
start a certificate ordering procedure. When you are prompted for the
CSR, paste the data from clipboard. The certificate authority will
create an SSL/TLS certificate in accordance with the information you
provided. When you receive your SSL/TLS certificate, save it on your
local machine or network. -
Go to Tools & Settings > SSL/TLS Certificates, click Choose
file under “Upload the certificate here”, select the saved.crt
file, and then click Upload Certificate. -
To secure Plesk, click the [Change] link next to “Certificate for
securing Plesk”. Select the certificate generated during step 3 from
the drop-down list, and then click OK. -
To secure the mail server, repeat the previous step for “Certificate
for securing mail”.
Note: Once you secure the mail server with an SSL/TLS certificate, make
sure to access mail using:
- The domain name of the Plesk server for which the certificate was issued
(and advise your customers to do the same). - Mail for a domain that is secured with an individual SSL/TLS certificate.
Otherwise, the mail client software may be unable to verify the
mail server identity, which may cause issues when sending or
receiving mail.