Changing a certificate in WebHost Manager
WebHost Manager enables you to change your CPanel and WebHost Manager certificate automatically, without having to manually find and replace the certificate files.
Note: The CPanel certificate is used in the https://www.yourdomain.com:2083 address and the WebHost Manager certificate is used in the https://www.yourdomain.com:2087 address.
To change a certificate:
1.Click on the Change CPanel/WHM Certificate link in the SSL/TLS menu.
2.Enter the domain for the certificate in the Domain this CRT is for field.
3.Click on the Fetch button to paste the .key and .crt files for the domain into the available display spaces, if they are currently on your server. Otherwise, copy and paste the .key and .crt files into the available display areas.
Note: If you generated the certificate using WebHost Manager, the certificate files will be available.
Creating a wildcard SSL certificate in Plesk
A wildcard DNS record is a record in a DNS zone that will match requests for non-existent domain names. A wildcard DNS record is specified by using a “*” as the left most label (part) of a domain name, e.g. *.example.com.
A wildcard DNS record in a zone file looks similar to this example:
*.serverbuddies.com. 3600 IN MX 10 host1.serverbuddies.com.
This wildcard DNS record will cause DNS lookups on domain names ending in example.com that do not exist to have MX records synthesized for them. So, a lookup for the MX record for somerandomname.example.com would return an MX record pointing to host1.example.com.
Since version 8.0.1 Plesk allows to create and use certificates for Wildcard domain names (like *.serverbuddies.com.com).
Wildcard certificate can be created the same way that usual certificate is generated. The only difference that you specify the name with “*” sign in the left path, for example *.serverbuddies.com” domain name in the Wildcard certificate will match all this domain’s subdomains, like mail.serverbuddies.com, ftp.serverbuddies.com, etc
CA (Certificate Authority) Bundle
A file on your server that verifies that your public and private keys were issued by a trusted entity.
If your Certificate Authority sent you a CA bundle file, you can install it to your server using WHM’s Install a SSL Certificate and Setup the Domain feature, or the Manage Service SSL Certificates feature.
Install a SSL Certificate and Setup the Domain
When you use this feature, WHM will automatically install your SSL certificate and private key in the correct directories. You may either paste the certificate and key into the fields on the screen yourself, or allow WHM to retrieve them.
It is very important that your SSL certificate and private key reside in the correct directories because if they do not, your server will remain unauthenticated, leaving your visitors at risk.
Installing your SSL Certificate / Web Server Certificate / Secure Server Certificate in Ensim
Your certificate will be sent to you by email after you get that from SSl providers. The email message includes the web server certificate that you purchased in the body of the email message.
Copy the certificate from the body of the email and paste it into a text editor (such as notepad) to create text files. Name this file yourdomain.txt and save it in a convenient place.
These instructions apply for both Ensim Pro and Ensim 3.x.
1. Click SSL Settings - access to this link may differ depending on your version of Ensim:
If you are running Ensim Pro. In the shortcuts section of the Home page, click SSL Settings in the Web Server section:
Or if you are running Ensim 3.x, click the Services link on the left, then click the Edit button for the Apache Web Server service:
2. Then in the Apache Web Server Manager click the SSL Settings link.
Select Import at the bottom of the SSL Settings form.
3. Copy the contents of yourdomain.txt and paste it into the Certificate text box
Be sure to include —–BEGIN CERTIFICATE—– through —–END CERTIFICATE—–
4. Select Save.
5. To make security effective on your domain, restart the Web server. The domain is not secure until you do so.
Test your certificate by using a browser to connect to your server. Use the https protocol directive (e.g. https://your server/) to indicate you wish to use secure HTTP. Note: The padlock icon on your browser will be displayed in the locked position if your certificates are installed correctly and the server is properly configured for SSL.
Creating your own SSL certificate for DirectAdmin
Note : that this is for the DirectAdmin connection on port 2222.
You can switch DirectAdmin to use SSL instead of plain text. -> https instead of http on port 2
If you do not have your own certificates, you’ll need to create your own:
/usr/bin/openssl req -x509 -newkey rsa:1024 -keyout /usr/local/directadmin/conf/cakey.pem -out /usr/local/directadmin/conf/cacert.pem -days 9999 -nodes
And then
chown diradmin:diradmin /usr/local/directadmin/conf/cakey.pem
chmod 400 /usr/local/directadmin/conf/cakey.pem
Edit the /usr/local/directadmin/conf/directadmin.conf and set SSL=1 (default is 0). This tells DA to load the certificate and key and to use an SSL connection. DirectAdmin needs to be restarted after this change.
