Skip to content

How to renew plesk services ssl certificates (self signed)

by admin on October 16th, 2009

For Parallels Plesk Panel version 7.x, 8.x:

Server -> Certificates -> Add New Certificate

For Parallels Plesk Panel version 9.x:

Settings -> SSL Certificates -> Add SSL Certificate

Fill in required preferences and click button {Self-Signed}

New self-signed SSL certificate will be created in server certificate repository.

To assign this SSL certificate for securing your Parallels Plesk Panel mark enabled new SSL certificate in the list and push Secure control panel if you have Plesk 8.2 or later, or Install if you have older Plesk version.
Also, see Plesk documentation how to setup self-signed certificates.

After you created or uploaded new certificate into Plesk and wish to use it for domains you should set it for every IP you need, so domains use it when you access them via HTTPS.
It can be done on page Server -> IP Addresses -> “choose IP” by selecting needed Certificate in “SSL Certificate” drop down menu.

or

I use 1 SSL cert for plesk control-panel, pop3s, imaps and smtps.

After generating the new certificate in the administrator repository. make it your default certificate and mark it again and press setup to install it on your plesk admin server on port 8443. then put the certificate at your main ip-adresse in your ip-pool(maybee this step is not necessary).

copy /usr/local/psa/admin/conf/httpsd.pem
to
/usr/share/courier-imap/pop3d.pem, /usr/share/courier-imap/imapd.pem and /var/qmail/control/servercert.pem

please have a look that the owner(very important) and the chmod rights are the same of pop3d.pem, imapd.pem and servercert.pem. like before otherwhise qmail will for example not work/start, because it can’t read the file.

restart courier(imap,pop3) and qmail(smtp) in the plesk server service control panel.

after this plesk control-panel 8443, pop3s, imaps and smtps should work without warning messages and with only 1 ssl cert, if you use for all services the same main hostname.domain.com address like me.

(maybee you should also have a look, that the same hostname is configured in the qmail config file)

finally to test certificates :

openssl s_client -connect [host]:993

openssl s_client -connect [host]:995

openssl s_client -connect [host]:465

openssl s_client -connect [host]:8443

where for e.g. host=localhost

2 Comments
  1. Zeljko permalink

    Thank you, really helped me a lot.

    That 465 port was bugging the hell out of me.

Trackbacks & Pingbacks

  1. How to renew plesk services ssl certificates (self signed) - My Collection

Leave a Reply

Note: XHTML is allowed. Your email address will never be published.

Subscribe to this comment feed via RSS