? SSL Certificate Installation
SSL Certificate Options
- Let's Encrypt (Free): Automatic installation and renewal
- Purchased SSL: Commercial certificates from providers
- Self-signed: For testing purposes only
Installing Let's Encrypt SSL Certificate
- Access SSL/TLS Certificates
Websites & Domains → SSL/TLS Certificates - Click "Install" for Let's Encrypt
- Configure Settings:
- Select domain and subdomains to secure
- Include www and non-www versions
- Include webmail if needed
- Enable automatic renewal (recommended)
- Click Install
- Enable HTTPS Redirect
Enable "Permanent SEO-safe 301 redirect from HTTP to HTTPS"
Installing Commercial SSL Certificate
- Generate CSR (Certificate Signing Request) in Plesk
- Purchase SSL from provider using CSR
- Receive certificate files from provider
- Upload certificate files in Plesk:
- Certificate (.crt)
- CA Bundle (intermediate certificates)
- Private Key (if not generated in Plesk)
- Assign certificate to domain
SSL Certificate Types
| Type | Validation | Best For | Trust Level |
|---|---|---|---|
| Domain Validated (DV) | Domain ownership only | Blogs, personal sites | Basic |
| Organization Validated (OV) | Organization verification | Business websites | Medium |
| Extended Validation (EV) | Extensive verification | E-commerce, banking | Highest |
| Wildcard | Varies | Multiple subdomains | Varies |
Force HTTPS Redirect
Add to web.config to force HTTPS:
<system.webServer>
<rewrite>
<rules>
<rule name="Force HTTPS" stopProcessing="true">
<match url="(.*)" />
<conditions>
<add input="{HTTPS}" pattern="off" ignoreCase="true" />
</conditions>
<action type="Redirect" url="https://{HTTP_HOST}/{R:1}"
redirectType="Permanent" />
</rule>
</rules>
</rewrite>
</system.webServer>SSL Certificate Renewal
- Let's Encrypt: Auto-renews every 60 days
- Commercial SSL: Manual renewal before expiry
- Set renewal reminders 30 days before expiry
- Test renewal process in advance
