This topic explains how to manually secure both Plesk and the Plesk mail server
with the following certificates’ types:
- A free SSL/TLS certificate from Let’s Encrypt.
- An SSL/TLS certificate purchased from a certificate authority.
- A self-signed SSL/TLS certificate.
SSL/TLS certificates protect sensitive data by encrypting connections
between the client and the server. Moreover, having a valid SSL/TLS
certificate is practically a requirement on today’s Internet. To improve
security, Plesk and the mail server are automatically secured with a free SSL/TLS certificate
from Let’s Encrypt during Plesk installation.
In most cases, this feature provides you with security and peace of mind without any actions on your part.
Plesk can issue an SSL/TLS certificate from Let’s Encrypt
even if the server does not have a resolvable hostname.
However some glitches may happen.
If, for some reason, an SSL/TLS certificate from Let’s Encrypt was not issued,
Plesk and the mail server will be automatically secured with a self-signed SSL/TLS certificate.
Self-signed SSL/TLS certificates encrypt connections and protect your sensitive data
from being intercepted. However they come with a drawback.
Anyone visiting a Plesk server secured with a self-signed SSL/TLS certificate
will see a warning telling them that the website is not trusted.
This may worry your customers. To avoid this, we recommend that you manually secure Plesk and the
Plesk mail server with either a free SSL/TLS certificate from Let’s
Encrypt or an SSL/TLS certificate purchased from a certificate
authority.
with