Plesk: Self-Signed SSL Certificate

A new self-signed SSL certificate will be created in the server certificate repository:

# ls -la /usr/local/psa/admin/conf/httpsd.pem
-r-------- 1 root root 3089 Sep 23 12:50 /usr/local/psa/admin/conf/httpsd.pem

The old one will be renamed as httpsd.pem.sav

# ls -la /usr/local/psa/admin/conf/httpsd.pem.sav
-r-------- 1 root root 3046 Sep  5 01:23 /usr/local/psa/admin/conf/httpsd.pem.sav

To assign this SSL certificate for securing your Plesk installation, check the newly-enabled SSL certificate in the list and click on Secure the panel if you have Plesk 8.2 or later. In older Plesk versions, click Install.

You can also use HTTP mode to access the Plesk interface: navigate to http://hostname:8880 and follow the same instructions as above.

Renewal is also possible through SSH:

  1. Connect to the Plesk server under root
  2. Go to the certificate directory and rename it:
    # cd /usr/local/psa/admin/conf/
    # mv httpsd.pem{,.old}
    
  3. Create a new certificate with the same name:
    # openssl req -new -nodes -x509 -out httpsd.pem -newkey rsa:2048 -keyout httpsd.pem -days 3650
    

    Fill out all the required fields.

    In this case, a PEM type certificate will be created, valid for 10 years with a private part without a password and 2048 bit key length.

  4. Restart sw-cp-server:
    # service sw-cp-server restart
    

Leave a Reply

Your email address will not be published. Required fields are marked *