Please note that these files were adapted from online resources
available at http://www.plesk.com/html/ssl-certificate-products/psa/doc.htm
A CSR is a file containing your certificate application
information, including your Public Key. Generate your CSR and
then copy and paste the CSR file into the webform in the
enrollment process.
Important
Notes on Certificates
- In order to use SSL certificates for a
given domain, the domain MUST be set-up for IP-Based hosting.
- When an IP-based hosting account is created
with SSL support, a default SSL certificate is uploaded
automatically. However, this certificate will not be
recognized by a browser as one that is signed by a certificate
signing authority.
- The default SSL certificate can be replaced
by either a self-signed certificate or one signed by a
recognized certificate-signing authority. The self-signed
certificate is valid and secure, but many clients prefer to
have a certificate signed by a known Certificate Signing
Authority.
- You can generate a certificate with the
SSLeay utility and submit it to any valid certificate
authority. This can be done using the CSR option within PSA.
- If the given domain has the www prefix
enabled, you must set-up your CSR or self-signed certificate
with the www prefix included. If you do not, you will receive
a warning message when trying to access the domain with the
www prefix.
- Remember to enter your certificate
information in PEM format. PEM format means that the RSA
Private Key text must be followed by the Certificate text.
- All certificates are located in the ../vhosts/'domain
name'/cert/httpsd.pem file. Where this directory reads "domain
name", you must enter the domain name for which the
certificate was created.
Generate a Self-signed Certificate or
Certificate Signing Request
Access the domain management
function by clicking on the Domains button at the top of the PSA
interface. The Domain List page appears.
- Click the domain name that you want to work
with. The Domain Administration page appears.
- If you have established an IP based hosting
account with SSL support, the Certificate button will be
enabled.
- Click the Certificate button. The SSL
certificate setup page appears.
- The Certificate Information: section lists
information needed for a certificate signing request, or a
self-signed certificate. You must fill out these fields before
generating your CSR or self-signed certificate.
- The Bits selection allows you to choose the
level of encryption of your SSL certificate. Select the
appropriate number from the drop down box next to Bits:.
- To enter the information into the provided
text input fields (State or Province, Locality, Organization
Name and Organization Unit Name (optional)) click in the text
boxes and enter the appropriate name.
- To enter the Domain Name for the
certificate, click in the text box next to Domain Name: and
enter the appropriate domain.
- The domain name is a required field. This
will be the only domain name that can be used to access the
Control Panel without receiving a certificate warning in the
browser. The expected format is www.domainname.com or
domainname.com.
- Click on the Request button.
- Selecting Request results in the sending of
a certificate-signing request (CSR) to the email address you
provided in the certificate fields discussed above. When a CSR
(certificate signing request) is generated there are two
different text sections, the RSA Private Key and the
Certificate Request. Do not lose your RSA private key. You
will need this during the certificate installation process.
Losing it is likely to result in the need to purchase another
certificate.
- Copy and paste the Certificate Request
emailed to you into the Instant SSL web form where it requests
a CSR (Certificate Signing Request).
- When you are satisfied that the SSL
certificate has been generated or the SSL certificate request
has been correctly implemented, click Up Level to return to
the Domain Administration page.
|