Knowledge Base

(Plesk for Windows) Configuring Centralized SSL Certificate Support in Plesk

 
administrator guideplesk administrationsecuring pleskcliplesk cli

By default, SSL certificates are stored and managed locally on each
Windows server. However, this practice has certain disadvantages. An
alternative is to configure Centralized SSL Certificate
Support,
which enables you to store and manage certificates in one central
location. This topic explains how to set up Centralized SSL Certificate
Support in Plesk.

Storing and managing SSL certificates locally on each Windows server has
the following disadvantages:

  • It puts a limit on the number of SSL-secured websites you can host on
    a single server.
  • It makes managing certificates for multiple secured websites hosted
    on different servers inconvenient and time-consuming.

These disadvantages can be avoided by using Centralized SSL Certificate
Support.
This IIS feature allows you to store and manage SSL certificates in one
central location called the Centralized Certificate Store.

When you configure Plesk to use Centralized SSL Certificate Support,
whenever a SSL certificate is issued via Plesk, it is automatically
saved in the Centralized Certificate Store, where you can manage it.
Certificates issued via Plesk previously are automatically saved as
well. Saved certificates are encrypted and have the.pfx extension.

Note: Centralized SSL Certificate Support is available in IIS 8.0 or later.

To configure Centralized SSL Certificate Support in Plesk:

  1. Create a folder (local or shared) to store certificates.

  2. Install
    the “Centralized SSL Certificate Support” component in IIS.

  3. Configure
    the “Centralized SSL Certificate Support” feature. Note the values
    you use for “Physical path”, “User name” and “Password”. You will use
    them during further steps to configure Centralized SSL Certificate
    Support in Plesk.

  4. Log in to Plesk.

  5. Go to Tools & Settings > Server Components (under “Server
    Management”).

  6. Click the Refresh button.

  7. In Plesk CLI, execute the following command:

    plesk bin server_pref.exe --update -central-cert-store-path <path-to-store> -central-cert-store-private-key-password <password>

    where

    <path-to-store> is the path to the folder (local or shared) where
    certificates are stored, specified during step 3.

    <password> is the password to encrypt certificates in the
    Centralized Certificate Store.

  8. If you use the UNC
    path     for
    the Centralized Certificate Store, execute the following command.
    Otherwise skip this step:

    plesk bin server_pref.exe --update -central-cert-store-user-login <username> -central-cert-store-user-password <password>

    where

    <username> is the name of the user with the write permission to
    the Centralized Certificate Store, specified during step 3.

    <password> is that user’s password, specified during step 3.

  9. Execute the following command to enable the Centralized Certificate
    Store in Plesk:

    plesk bin server_pref.exe --update -central-cert-store true
Read the full article
Related Posts
Knowledge Base

Hosting Wiki

Industry
Partners

industry-partner_ALIBABA
industry-partner_GOOGLEPARTNER
industry-partner_MICROSOFT
industry-partner_REDHAT-r2
industry-partner_ALIBABA
industry-partner_AUTOMATTIC
industry-partner_AWS
industry-partner_DIGITALOCEAN
industry-partner_SCALEWAY

© 2024 WebPros International GmbH. All rights reserved. Plesk and the Plesk logo are trademarks of WebPros International GmbH.

Managed with love with Plesk WP Toolkit