Plesk Onyx SSL Installation Guide with Easy Steps
Plesk Onyx provides a simple interface for managing and installing SSL certificates on your websites. With just a few clicks, you can add an SSL certificate to strengthen security, enable HTTPS, and activate the padlock icon in the browser address bar. In this comprehensive guide, we will walk through the entire process about how to Install SSL Certificate on Plesk Onyx, from purchasing your certificate to properly configuring it within the Plesk interface.
Key Takeaways on Install SSL Certificate in Plesk Onyx
- SSL certificates encrypt data and establish trust between your website and visitors.
- Plesk Onyx offers a intuitive way to install and manage SSL certificates.
- You will need to purchase your certificate from a certificate authority before installing it.
- Proper SSL certificate installation requires configuring your domain’s DNS records.
- Activating HTTPS and forcing redirection in Plesk completes the SSL certificate installation.
Prerequisites for Installing an SSL Certificate
Before installing an SSL certificate, make sure you have:
- A registered domain name pointing to your hosting server IP address.
- A Plesk Onyx server installed and running on your hosting account.
- Administrator access to your hosting account and Plesk Onyx.
- Permission to modify DNS records for your domain.
- An SSL certificate purchased from a trusted certificate authority.
7 Easy Steps to Install SSL Certificate in Plesk Onyx
Follow these step-by-step guide to install SSL Certificate in Plesk Onyx.
- Purchase an SSL Certificate
- Generate a CSR in Plesk
- Submit CSR and Obtain SSL Certificate
- Install SSL Certificate on Plesk Onyx
- Configure DNS Records
- Activate HTTPS in Plesk
- Renewing an SSL Certificate in Plesk
Step 1 – Purchase an SSL Certificate
You will need to purchase an SSL certificate that matches your registered domain name. While you can create your own self-signed certificates, most browsers will not trust them.
Instead, you should purchase an SSL certificate from a trusted certificate authority (CA) like:
- DigiCert
- Comodo
- GlobalSign
- Entrust Datacard
- GoDaddy
Domain validated SSL certificates are the most affordable and verify you own the domain. Extended validation SSL certificates provide enhanced validation and display your legal business name.
Make sure to purchase the certificate in the correct name that matches your domain name. You will receive certificate files after purchase which are used during installation.
Step 2 – Generate a CSR in Plesk
Before installing your SSL certificate, you need to generate a certificate signing request (CSR) in Plesk Onyx. The CSR contains your domain details and public key which is submitted to the CA for signing your certificate.
Here are the steps to generate a CSR in Plesk:
- Login to your Plesk control panel and click on SSL/TLS Certificates under the Domains section.
- Click Add Certificate and select the domain name you want to install the SSL certificate for.
- Choose the Web Server type as nginx or Apache depending on your server.
- For Certificate Source, select Generate a certificate signing request (CSR).
- Enter your organization details like name, department, city, etc. This populates the CSR.
- Select the encryption type as ECC or RSA. ECC 256 bits is recommended.
- Click OK to generate and download the CSR file. This will be submitted to the CA.
The CSR file will be downloaded to your computer which you’ll need to submit to the certificate authority to obtain the signed certificate.
Step 3 – Submit CSR and Obtain SSL Certificate
Once you have generated the CSR file, you will need to purchase your SSL certificate and submit the CSR to the certificate authority.
Follow these steps:
- Purchase the SSL certificate from your chosen trusted CA.
- If using a domain validation certificate, you will need to verify domain ownership as required by the CA. This usually involves uploading a text file to your domain or setting a DNS record.
- During the SSL certificate purchase process, upload the CSR file when prompted.
- The CA will use the CSR to create a signed SSL certificate file for your domain.
- After payment is completed, you will receive the SSL certificate files from the CA.
The CA will provide the primary SSL certificate file along with intermediate and root certificate files. These certificate files will be installed in Plesk in the next step.
Step 4 – Install SSL Certificate on Plesk Onyx
Once you have received the SSL certificate files from the CA, you can install them in Plesk Onyx with these steps:
- Login to your Plesk control panel and go to SSL/TLS Certificates.
- Click on Add Certificate and select the domain name.
- For the certificate source, choose I have a certificate in a file.
- Upload the certificate file you received from the CA ending in .crt or .pem.
- Upload the CA bundle file containing intermediate certificates.
- Click OK to install the SSL certificate in Plesk.
The certificate and bundled CA files will be installed and assigned to your domain in Plesk.
Step 5 – Configure DNS Records
In order for the SSL certificate to function properly, some DNS records need to be configured or updated. This allows the certificate to be validate across the internet.
Follow these steps to configure your DNS:
- Login to your domain registrar and access the DNS record management.
- Create a CNAME record for your domain pointing to:
yourdomain.com - Add a TXT record with your domain name and the value plesk-verify.
- Save the DNS changes and wait up to 24 hours for propagation.
Your registrar may also have specific DNS instructions provided for validating certificates. Follow those if available.
The certificate authority will now be able to verify domain ownership using the DNS records.
Step 6 – Activate HTTPS in Plesk
Once your SSL certificate is installed and the DNS records have propagated, you need to activate HTTPS in Plesk Onyx.
Here are the steps:
- In Plesk, go to Websites & Domains and select your domain.
- Click the SSL/TLS
- The new certificate will be listed here. Click on the cog icon to view actions.
- Select HTTP to HTTPS redirection and enable the redirect option.
- Check that the SSL certificate shows as Installed and Active.
- Click OK to save the changes.
This will enable forced HTTPS redirection using the installed SSL certificate for your website.
Test by visiting your domain in the browser and it should redirect to HTTPS with the padlock icon present.
Step 7 – Renewing an SSL Certificate in Plesk
SSL certificates are valid for 1-2 years typically. You will need to renew the certificate when it gets close to the expiry date.
Renewal process usually involves:
- Generating and submitting a new CSR in Plesk.
- Obtaining the renewed certificate files from the CA.
- Installing the new certificate in Plesk.
Many CAs will send renewal reminders when your certificate is about to expire. Make sure to renew it on time to avoid any certificate warnings.
- Log in to the FortiGate web-based management interface or CLI.
- Navigate to System> Certificates > Import > Local Certificate.
- In the “Import Certificate” section, choose the appropriate certificate source (e.g., “Upload” or “File”).
- Click “Upload” and select the certificate backup file you want to restore.
- Enter the password if required and click “OK” to import the SSL certificate.
Conclusion on Install SSL Certificate on Plesk Onyx
Installing an SSL certificate is crucial for delivering a secure online experience and establishing trust with website visitors. Plesk Onyx simplifies the installation and management of SSL certificates.
Following the steps outlined in this guide, you can successfully purchase the right SSL certificate, generate a CSR, obtain the signed certificate, configure DNS records, install it in Plesk, activate HTTPS, and renew when required.
With a properly installed SSL certificate, your website will have an encrypted connection, verified identity, and PCI compliance for handling online payments. Just remember to renew the certificate before expiration.
Frequently Asked Questions
How do I generate a CSR in Plesk Onyx?
Go to SSL/TLS Certificates in Plesk, click Add Certificate, select your domain, choose the CSR generation option, enter details, select encryption type, and click OK to generate and download the CSR file.
How long does an SSL certificate last?
SSL certificates typically last for 1-2 years. You will need to renew an SSL certificate when it approaches the expiry date to maintain an active SSL on your site.
Do I need a dedicated IP address for SSL?
Shared SSL certificates can be installed without a dedicated IP address. Private SSL certificates require a dedicated IP address on your web server.
What steps are needed to activate SSL in Plesk?
To activate SSL in Plesk, install the certificate, configure DNS records for validation, enable HTTPS in domain settings, and force HTTP to HTTPS redirection.
How do I create a self-signed SSL certificate in Plesk?
Self-signed SSL certificates can be generated in Plesk by selecting ‘Generate a self-signed certificate’ as the certificate source when adding a new SSL cert.
Can I install an EV SSL Certificate on Plesk?
Yes, Plesk allows installing Extended Validation (EV) SSL certificates which show the organization name in green. Follow the same installation process.
What cipher suites does Plesk support for SSL?
Plesk supports modern cipher suites including AES 128/256-bit encryption and RSA 2048/4096-bit keys for optimal security when using SSL certificates.
Does using SSL impact web server performance?
SSL has a minimal impact on performance. Faster processors on modern servers eliminate most overhead associated with encrypting HTTPS traffic.