Knowledge Base

How to install a self-signed SSL certificate in Plesk

This article describes how to generate and install a self-signed SSL certificate in Plesk.

Most A2 Hosting servers support Server Name Indication (SNI), which means SSL certificates do not require a dedicated IP address to work correctly. However, to ensure complete compatibility, you should consider purchasing a dedicated IP address. For more information about SNI support at A2 Hosting, please see this article.

Installing a self-signed certificate

You can install a self-signed SSL certificate on your A2 Hosting account for testing and development purposes.

Users receive warning messages in their browser when they try to access a web site secured by a self-signed certificate. This is because a trusted Certificate Authority has not signed the certificate. Let's Encrypt certificates are readily available for most cPanel and Plesk accounts, and are a trusted Certificate Authority in most browsers. For more information about Let's Encrypt certificates, please see this article.

To create and install a self-signed SSL certificate using Plesk, follow these steps:

  1. Log in to Plesk.
    If you do not know how to log in to your Plesk account, please see this article.
  2. In the left sidebar, click Websites & Domains:

    Plesk - Sidebar - Websites and Domains

  3. Click SSL/TLS Certificates:

    Plesk - SSL/TLS Certificates icon

  4. On the SSL/TLS Certificates page, click Add SSL/TLS Certificate:

    Plesk - SSL/TLS Certificates page - Add SSL/TLS Certificate

  5. On the Add SSL/TLS Certificate page, in the Certificate name text box, type a name for the certificate.

    The name can be anything you want. Plesk only uses the name to differentiate between multiple certificates.

    Plesk - Add SSL/TLS Certificate page

  6. In the Bits list box, select 4096.
  7. In the Country, State or province, Location (city), and Organization name (company) text boxes, type
  8. In the Domain name text box, type the domain that you want to secure with the self-signed certificate, such as test.example.com.

    You can also generate a wildcard certificate. To do this, start the domain name with an asterisk (*). For example, to protect example.com and all of its subdomains, type *.example.com.
  9. In the Email text box, type your e-mail address.
  10. Click Self-Signed. Plesk generates the self-signed certificate, but you still need to install it.
  11. In the left sidebar, click Websites & Domains:

    Plesk - Sidebar - Websites and Domains

  12. Click Hosting Settings:

    Plesk - Hosting Settings icon

  13. Under Security, confirm the SSL/TLS support check box is selected:

    Plesk - Hosting Settings - Security

  14. To permanently redirect all insecure (http://) requests to secure (https://) requests, select the Permanent SEO-safe 301 redirect from HTTP to HTTPS check box.
  15. In the Certificate list box, select the name of the certificate you specified in step 5.
  16. Click OK. You can now securely access the specified domain by using the https:// prefix in a web browser, but you will receive a warning message about the self-signed certificate.