Protecting Your Website With a Self-Signed SSL/TLS Certificate¶
If you want to secure your website with an SSL/TLS certificate, you can use a free self-signed SSL/TLS certificate. You can also purchase an SSL/TLS certificate directly through Plesk, generate a Certificate Signing Request (CSR for short) to purchase one from a Certification Authority, or protect your website with a certificate you already own.
Securing your website with a self-signed SSL/TLS certificate protects website visitors by encrypting communications to and from the server, but does not verify your website’s authenticity. Visitors to your website will be warned about the certificate’s lack of validity in their browser.
To secure your website with a self-signed certificate, you need to generate one first. To do so, go to Websites & Domains > your website > SSL/TLS Certificates > “Advanced Settings” > and click Add SSL/TLS Certificate. Fill out the fields marked with the red asterisk symbol (*), such as the certificate name (you will use it to identify the certificate in the list of all certificates), your personal information, the name of the domain the certificate will be protecting, and so on.
If you want to generate a wildcard SSL/TLS certificate, your domain name must start with an asterisk symbol (*). For example, a certificate generated for *.example.com can be used to secure any subdomain of example.com.
When you have finished, click Self-Signed. This will result in the self-signed certificate being generated and placed in your repository. You can see a list of all SSL/TLS certificates in your repository by going to Websites & Domains > your website > SSL/TLS Certificates > “Advanced Settings”.
Now that the certificate has been generated, you need to install it. Go to Websites & Domains > your website > Hosting Settings. From the Certificate menu, select the certificate you have just generated and then click OK.