Question Securing Plesk with a Let's Encrypt certificate

[RaelB]

Hi,

In the screen to secure the Plesk admin panel itself, it requires a Domain name. Let's say I have added 2 websites to the control panel: www.website1.com and www.website2.com.

So to secure the admin panel, do I put in either website - i.e. it doesn't make a difference which one?

I'm trying to understand how the Plesk panel itself (in my mind a "Parent component" at an IP address) can be secured by a "child component", i.e. specific domain name of which there may be many within the control panel.



Thanks

 

[Ales]

So to secure the admin panel, do I put in either website - i.e. it doesn't make a difference which one?

Well, the difference will be in the usage. If you enter e.g. www.website2.com in the form above and issue this certificate to be used for Plesk, then when someone visits https://www.website2.com:8443, there will be no error. But if someone visits https://www.website1.com:8443 instead, he/she will be presented with a certificate error...

A common practice is to issue a certificate in the name of the server's hostname, rather than a specific hosted domain. But that really depends on your needs.

I'm trying to understand how the Plesk panel itself (in my mind a "Parent component" at an IP address) can be secured by a "child component", i.e. specific domain name of which there may be many within the control panel.

Do note that there are two different web servers running in the background, one is serving hosted domains and the other is used to serve the Plesk panel.

So you could have requested and issued certificates for both website1.com and website2.com and both will be accessible over an https address without any certificate errors. But if you do decide to secure your Plesk panel with a certificate in the name of website2.com, this will be a different certificate, requested and issued separately, and also served by a different web server altogether.