Tuesday, October 14, 2008

SSL and Plesk (IE and Firefox)

Recently had an issue with the SSL certificates on our Plesk servers. After some playing around, it turned out to be an issue with the way IE and Firefox handle the certificates differently and the way in which they are loaded into the Plesk GUI.

Our certificates are purchased through UK2 and uploaded to Plesk > 8.1

  • Alter the domain to run on an exclusive IP address
    • update dns settings for domain appropriately.
    • plesk -> select domain -> settings -> select IP from 'IP address' drop down
  • Get a new SSL certificate for the domain.
    • Plesk -> select domain -> certificates -> add new certificate
    • complete form.
    • copy resulting CSR to clip board
    • request free SSL cert from uk2 control panel for the related server
  • Once it's issued, manipulate supplied SSL certificate files
    • From the supplied zip file, open UTNAddTrustServerCA.crt and AddTrustExternalCARoot.crt PositiveSSLCA.crt within a text editor.
    • Create a NEW file with the content of each of the above files (in same order) with no spaces between them and save it as chain.crt (concatenate the files)
  • Upload the www_domain_name_com.crt file and chain.crt file to the server.
    • Plesk -> select domain -> certificates -> the new certificate
    • Under 'upload certificate files', browse for www_domain_name_com.crt under 'certicate' and chain.crt under 'CA certificate' and then click send file.
  • Alter the domain to use the new certificate
    • Plesk -> select domain -> settings -> select new certificate from the certificate drop down

No comments: