Facebook
TwitterThese instructions worked for me. Please let me know if anyone has any problems with them and I will be glad to update them and/or try to help you resolve it.
First things first, if this crashes something it's not my fault. MAKE A BACKUP FIRST!! If this is done improperly, you will most likely get an error similar to the following when trying to start Plesk Control Panel service (and the Plesk Control Panel will cease to work):
"Error 997 - at start service Apache2: Overlapping I/O operation is in progress. . ."
Request the new certificate:
Login to the Plesk Control Panel
Select Server under System
Click on certificates
Click add new certificate
Fill in the certificate name (this is for reference)
Fill in the domain name (this should be the domain you want to run Plesk's console from)
Click request
you are returned to the certificates page
Click on the certificate you just created
Find the CSR and use it to request a certificate (I use Comodo - InstantSSL)
Create the private key file:
Login to the Plesk Control Panel
Select Server under System
Click on certificates
Click Browse
Select your certificate and hit open
Copy the Private Key including the begin and end to notepad
Save the file as ssl.key
Put the ssl.key file in the c:\program files\swsoft\plesk\admin\conf directory on the server
Install your new certificate (after you have it of couse):
Login to the Plesk Control Panel
Select Server under System
Click on certificates
Click Browse
Select your certificate and hit open
Your certificate is installed
Install the CA Certificate (most everyone):
Login to the Plesk Control Panel
Select Server under System
Click on certificates
Click on the certificate you created
Click browse
Select your CA certificate and hit open
Your CA Certificate is installed
Install the CA Certificate (Comodo-InstantSSL Users):
Login to the Plesk Control Panel
Select Server under System
Click on certificates
Click on the certificate you created
Create a new notepad file called upload.txt (you can delete this in a sec)
Open ComodoSecurityServicesCA.crt using notepad
Paste the contents of the ComodoSecurityServicesCA.crt into upload.txt
Open GTECyberTrustRoot.crt using notepad
Paste the contects of the GTECyberTrustRoot.crt into upload.txt direclty after the guts from the other file
It should look something like this - no extra line breaks or spaces:
-----BEGIN CERTIFICATE-----
MIIEyDCCBDGgAwIBAgIEAgACmzANBgkqhkiG9w0BAQUFADBF
zs1x+3QCB9xfFScIUwd21LkG6cJ3UB7KybDCRoGAAK1EqlzWI
-----END CERTIFICATE-----
-----BEGIN CERTIFICATE-----
MIIB+jCCAWMCAgGjMA0GCSqGSIb3DQEBBAUAMEUxCzAJBgNIjeaY8JIILTbcuPI9tl8vrGvU9oUtCG41tWW4/5ODFlitppK+ULdjG+
-----END CERTIFICATE-----
Copy the contents of your upload.txt file to the "Upload certificate as text box" in Plesk
Hit Send Text
Delete the upload.txt file if you so desire
Your CA Certificate is installed
Convert and relocate the certificate:
Apache - at least the plesk version - requires the certificates to be in a .pem format
Open the certificate you purchased
Select the details tab
Select copy to file
Choose DER encoded binary X.509 (.CER)
Set the file name to export.cer
Finish the export process
Copy the export.cer file to the c:\program files\swsoft\plesk\admin\bin directory on the server
Open a command prompt on the server
Change your directory to c:\program files\swsoft\plesk\admin\bin
Run openssl
At the openssl> prompt type: x509 -in export.cer -inform DER httpsd.pem
Hit enter
Copy the httpsd.pem file to the c:\program files\swsoft\plesk\admin\conf directory on the server
You can safely delete export.cer
Relocate and rename the intermediate (CA) certificate:
Copy the intermediate (CA) certificate to the same directory as httpd.conf and name it ca.txt
Verify permissions on the files (you probably won't need change anything here)
You need to verify that at MINIMUM (more won't hurt anything and probably shouldn't be changed) these permissions appear on httpsd.pem, ssl.key, and ca.txt
Administrator: Full Control
psaadm: Read access
Change the httpd.conf file in c:\program files\swsoft\plesk\admin\conf:
Modify existing entries / Add new entries directly following "SSLEngine On" until it looks like this:
SSLCertificateFile conf/httpsd.pem
SSLCertificateKeyFile conf/ssl.key
SSLCACertificateFile conf/ca.txt
Restart Plesk Control Panel
You can also either use Plesk Services Monitor (usually loads on the taskbar in the tray) to do this or simply reboot the server.
That should be it. This worked for me more than once and I hope its helpful to you guys. Good Luck!!
- Matt
First things first, if this crashes something it's not my fault. MAKE A BACKUP FIRST!! If this is done improperly, you will most likely get an error similar to the following when trying to start Plesk Control Panel service (and the Plesk Control Panel will cease to work):
"Error 997 - at start service Apache2: Overlapping I/O operation is in progress. . ."
Request the new certificate:
Login to the Plesk Control Panel
Select Server under System
Click on certificates
Click add new certificate
Fill in the certificate name (this is for reference)
Fill in the domain name (this should be the domain you want to run Plesk's console from)
Click request
you are returned to the certificates page
Click on the certificate you just created
Find the CSR and use it to request a certificate (I use Comodo - InstantSSL)
Create the private key file:
Login to the Plesk Control Panel
Select Server under System
Click on certificates
Click Browse
Select your certificate and hit open
Copy the Private Key including the begin and end to notepad
Save the file as ssl.key
Put the ssl.key file in the c:\program files\swsoft\plesk\admin\conf directory on the server
Install your new certificate (after you have it of couse):
Login to the Plesk Control Panel
Select Server under System
Click on certificates
Click Browse
Select your certificate and hit open
Your certificate is installed
Install the CA Certificate (most everyone):
Login to the Plesk Control Panel
Select Server under System
Click on certificates
Click on the certificate you created
Click browse
Select your CA certificate and hit open
Your CA Certificate is installed
Install the CA Certificate (Comodo-InstantSSL Users):
Login to the Plesk Control Panel
Select Server under System
Click on certificates
Click on the certificate you created
Create a new notepad file called upload.txt (you can delete this in a sec)
Open ComodoSecurityServicesCA.crt using notepad
Paste the contents of the ComodoSecurityServicesCA.crt into upload.txt
Open GTECyberTrustRoot.crt using notepad
Paste the contects of the GTECyberTrustRoot.crt into upload.txt direclty after the guts from the other file
It should look something like this - no extra line breaks or spaces:
-----BEGIN CERTIFICATE-----
MIIEyDCCBDGgAwIBAgIEAgACmzANBgkqhkiG9w0BAQUFADBF
zs1x+3QCB9xfFScIUwd21LkG6cJ3UB7KybDCRoGAAK1EqlzWI
-----END CERTIFICATE-----
-----BEGIN CERTIFICATE-----
MIIB+jCCAWMCAgGjMA0GCSqGSIb3DQEBBAUAMEUxCzAJBgNIjeaY8JIILTbcuPI9tl8vrGvU9oUtCG41tWW4/5ODFlitppK+ULdjG+
-----END CERTIFICATE-----
Copy the contents of your upload.txt file to the "Upload certificate as text box" in Plesk
Hit Send Text
Delete the upload.txt file if you so desire
Your CA Certificate is installed
Convert and relocate the certificate:
Apache - at least the plesk version - requires the certificates to be in a .pem format
Open the certificate you purchased
Select the details tab
Select copy to file
Choose DER encoded binary X.509 (.CER)
Set the file name to export.cer
Finish the export process
Copy the export.cer file to the c:\program files\swsoft\plesk\admin\bin directory on the server
Open a command prompt on the server
Change your directory to c:\program files\swsoft\plesk\admin\bin
Run openssl
At the openssl> prompt type: x509 -in export.cer -inform DER httpsd.pem
Hit enter
Copy the httpsd.pem file to the c:\program files\swsoft\plesk\admin\conf directory on the server
You can safely delete export.cer
Relocate and rename the intermediate (CA) certificate:
Copy the intermediate (CA) certificate to the same directory as httpd.conf and name it ca.txt
Verify permissions on the files (you probably won't need change anything here)
You need to verify that at MINIMUM (more won't hurt anything and probably shouldn't be changed) these permissions appear on httpsd.pem, ssl.key, and ca.txt
Administrator: Full Control
psaadm: Read access
Change the httpd.conf file in c:\program files\swsoft\plesk\admin\conf:
Modify existing entries / Add new entries directly following "SSLEngine On" until it looks like this:
SSLCertificateFile conf/httpsd.pem
SSLCertificateKeyFile conf/ssl.key
SSLCACertificateFile conf/ca.txt
Restart Plesk Control Panel
You can also either use Plesk Services Monitor (usually loads on the taskbar in the tray) to do this or simply reboot the server.
That should be it. This worked for me more than once and I hope its helpful to you guys. Good Luck!!
- Matt
