Applicable to:
- Plesk for Linux
- Plesk for Windows
Question
How to secure a Plesk hostname on port 8443 with an SSL certificate (Let's Encrypt / other certificate authorities)?
Answer
-
Go to Tools & Settings > SSL/TLS Certificates (under Security).
-
Click Let's Encrypt.
-
Make sure the Domain name and Email address fields contain a valid information:
-
Domain name can be a server hostname (preferable) or any other (sub)domain name hosted on the server. It will be used as an entry point to Plesk over port 8443 (for example, https://server.example.com:8443 ) for all Plesk users (customers, resellers, etc.) who have access to Plesk.
Note: The hostname/domain name must be resolved to a public IP address of the Plesk server from the Internet. If in doubt, check your hostname/domain name availability using DNS Lookup by MxToolBox.
If a domain, e.g. example.com, is using permanent www redirection, specify www.example.com as Domain name. -
Email address will be used to receive important notifications and warnings.
-
-
Click Install. At this stage, an SSL certificate from Let’s Encrypt is generated and set to secure Plesk on port 8443. This certificate will be auto-renewed every 90 days. Here is the final look:
Now, access Plesk over https://server.example.com:8443.
-
-
In Plesk, go to Tools & Settings and click SSL/TLS Certificates.
-
On the SSL/TLS Certificates page, add your certificate:
Note: If you are experiencing issues with a certificate installation, contact your certificate seller and ask for instruction for Plesk.
-
If an SSL certificate is stored in a single
*.crt
file:Click Browse... to select a certificate file. Then click Upload Certificate.
-
If an SSL certificate is stored in the form of
*.key
and*.crt
files:Click Add under List of certificates in server pool and scroll down to the Upload the certificate files section and upload these files. If both the certificate and the private key parts of your certificate are contained in a
*.pem
file (you can check it by opening the*.pem
file in any text editor), just upload it twice, both as the private key and the certificate. Click Upload Certificate once finished. -
If an SSL certificate is stored as a text:
Click Add under List of certificates in server pool and scroll down to the Upload the certificate as text section. There, paste the certificate and the private key parts into the corresponding fields. Click Upload Certificate when you have finished.
-
-
Click [Change] next to Certificate for securing Plesk > select an uploaded certificate > click OK. Now Plesk interface is secured with an SSL certificate.
Additional Information
Starting from Onyx 17.8, Plesk secures its hostname with a free Let's Encrypt certificate automatically, if the Let's Encrypt extension is installed and the hostname is a fully qualified domain name (FQDN) and is resolved from the Internet.
Comments
4 comments
Let's Encrypt screen shows [Reissue] button and not [Install]. I followed the steps but still do not see a secured 8443
Followed this step by step and still have a non secure when logining in and can not sync to plesk 360
Same issue!
I think these 3 help articles should be linked together as it appears you need all 3 steps to make it work, yes ? after changing the host name and setting custom url, to then go and issue a new certificate
1) https://support.plesk.com/hc/en-us/articles/12377745012247-How-to-customize-Plesk-URL
2) https://support.plesk.com/hc/en-us/articles/12377750836375--How-to-change-or-get-the-server-hostname-on-Plesk-server
3) https://support.plesk.com/hc/en-us/articles/12377713798039-How-to-secure-a-Plesk-hostname-on-port-8443-with-an-SSL-certificate-Let-s-Encrypt-other-certificate-authorities
Please sign in to leave a comment.