By default, SSL certificates are stored and managed locally on each Windows server. However, this practice has certain disadvantages. An alternative is to configure Centralized SSL Certificate Support, which enables you to store and manage certificates in one central location. This topic explains how to set up Centralized SSL Certificate Support in Plesk.
Storing and managing SSL certificates locally on each Windows server has the following disadvantages:
These disadvantages can be avoided by using Centralized SSL Certificate Support. This IIS feature allows you to store and manage SSL certificates in one central location called the Centralized Certificate Store.
When you configure Plesk to use Centralized SSL Certificate Support, whenever a SSL certificate is issued via Plesk, it is automatically saved in the Centralized Certificate Store, where you can manage it. Certificates issued via Plesk previously are automatically saved as well. Saved certificates are encrypted and have the.pfx extension.
Note: Centralized SSL Certificate Support is available in IIS 8.0 or later.
To configure Centralized SSL Certificate Support in Plesk:
plesk bin server_pref.exe --update -central-cert-store-path <path-to-store> -central-cert-store-private-key-password <password>
where
<path-to-store>
is the path to the folder (local or shared) where certificates are stored, specified during step 3.
<password>
is the password to encrypt certificates in the Centralized Certificate Store.
plesk bin server_pref.exe --update -central-cert-store-user-login <username> -central-cert-store-user-password <password>
where
<username>
is the name of the user with the write permission to the Centralized Certificate Store, specified during step 3.
<password>
is that user's password, specified during step 3.
plesk bin server_pref.exe --update -central-cert-store true