RFW HOW TO: How to install a Godaddy SSL certificate on a domain hosted on a server running Plesk 9

Friday, 16 July 2010 10:14 Last Updated on Sunday, 06 March 2011 07:34 Written by Spencer Thornock

This is a quick guide I put together for installing a Godaddy.com issued SSL certificate on a server running Plesk Control Panel 9.  The steps may vary slightly depending on your Plesk version and the issuer of the certificate.

Step 1: Add new IP address to to your Plesk 9 server.

  1. Order new IP address through admin.1and1.com, or any hosting company you are using.

Step 2: Configure domain DNS A record to point to new IP address.

  1. This is handled in the domain advanced DNS settings, on Godaddy.com this is done under "Total DNS"

Step 3: Add IP address to your Plek 9 server:

  1. Open Plesk 9 administration interface and navigate to: Main Menu -> Settings -> IP Addresses
  2. Click "Add IP Address" and enter the following information where asked:
    1. Interface: Eth0 (or whichever interface you are using)
    2. IP address and subnet mask: xxx.xxx.xxx.xxx/255.255.255.0 where xxx.xxx.xxx.xxx is the new IP address, 255.255.255.0 is the subnet mask and is the same each time (note, subnet mask may vary depending on network, please check with your hosting company).
    3. IP address distributed as: Exclusive
    4. SSL Certificate: default

Step 4: Assign new IP to client account:

When viewing IP addresses management screen in Plesk 9:

  1. Click on the "0" in the "users" column next to the NEW IP address.
  2. Click "Assign"
  3. Select radio button next to client account name.
  4. Click OK

Step 5: Assign new IP to client domain:

  1. Click on the "Domains" menu.
  2. Click on the domain to be reassigned to new IP.
  3. Click on "Web Hosting Settings"
  4. First option "IP Address" drop down, choose the newly added IP address.
  5. If only one IP address is listed this means the new IP address was not properly assigned to the client account that owns the domain, please see Step 3.

Step 6: Assign DNS reverse mapping for IP address:

  1. Log into admin.1and1.com (or whichever hosting company control panel you use, steps below will vary from hosting company to hosting company).
  2. From "Administration" tab click on "IP Address Overview"
  3. Make note of new IP address, will say "No reverse lookup set." in the Reverse Mapping column.
  4. Click on the IP Address to view "Define Reverse Mapping" settings.
  5. Enter domain name for IP address assignment (ie. domainname.com ) only name and TLD, no www or trailing /
  6. Click save. *note, you must have domain A record and VPS configured before completing this step or you will receive an error.  If you do, wait for DNS to update and try again.

Step 7: Ping domain and confirm new IP address:

  1. open windows command line, or any command line and type: ping domainname.com
  2. Look and make sure it's displaying the new IP addresses when outputting ping information.
  3. Wait until DNS is showing correct IP, may take 24-48 hours.
  4. When you confirm that the domain is running on the new IP, open the browser and check to make sure it's up and running without problems.

Step 8: Generate Certificate Signing Request

  1. Log into your Plesk 9 administration interface.
  2. Click on the "Settings" menu item on left column, then click on "SSL Certificates" under the "Security" menu.
  3. Click on "Add SSL Certificate" at the top.
  4. Enter the following:
    • Certificate Name: (Personalized identifier, can be anything) - DomainName.com SSL
    • Bits: 2048
    • Country: United States
    • State or province: AZ
    • Location (City): Phoenix
    • Organization name (company): Organziation Name
      • Note: I usually grab this from the Godaddy.com Account Owner Information
    • Domain Name: domainname.com (no www or trailing / )
    • E-mail: enter clients e-mail address.
  5. Click on "Request" on the right side of the screen and you will then be returned to the "SSL Certificates" screen.
  6. Click on the name of the new SSL certificate you just created.
  7. Create a new text file and copy and paste the CSR starting from:
    -----BEGIN CERTIFICATE REQUEST-----
    and ending at
    -----END CERTIFICATE REQUEST-----
  8. Save as domainname.csr.txt
  9. Do the same for "Private" key.

Step 9: Request Certificate from Godaddy.com

  1. Log into godaddy.com and click on "SSL Certificates" under the "My Products" menu.
  2. You will see a "New Certificate" in the list, click on "Manage Certificates" next to it.
  3. You will now be taken to the "Secure Certificates Service" page with a list of all certificates.  Next to the new certificate click on: "Request Certificate"
  4. Complete the following information:
    1. Where is your certificate going to be hosted? -> Third Party, or Dedicated Server or Virtual Dedicated Server, without Simple Control Panel. Paste the CSR from your text file in the box that is now displayed.
    2. Please select your certificate issuing organization: Choose either Godaddy.com or Starfield Technologies (I usually go with Godaddy.com because people know godaddy and don't know who or what Starfield is, this is a preference).
    3. Is this certificate for Intel® vProTM? -> No.
  5. Click next.
  6. Confirm the info is correct and click Next.
  7. Click finish.

Step 10: Download Certificate

  1. On the godaddy.com "Manage Certificates" tab, click the check box next to the certificate domain name.
  2. Click the "Download" button.
  3. Server type, choose "Plesk"
  4. Save file.

Step 11: Add certificate to Plesk 9 Server / VPS

  1. Log in to Plesk 9.
  2. Click on the "Settings" menu item on left column, then click on "SSL Certificates" under the "Security" menu.
  3. Click on the name of the certificate to be added.
  4. Under "Upload Certificates" next to "Certificate" click on the Browse button.
  5. Locate the file downloaded from Godaddy.com (usually domainname.com.crt) and then choose "Send file" on the right of the screen.  Godaddy may bundle the certificate into a zip, you must unzip it before uploading.
  6. If you receive no error messages and see hash data under CSR / Private Key / Certificate it was added successfully.

Step 12: Assign Certificate to IP Address.

  1. On Home screen click on "IP Addresses"
  2. Click on the new IP address that was setup for the recently issued SSL certificate domain.
  3. Update the following:
    1. SSL Certificate: Drop down and choose newly installed certificate.
    2. Default Domain: Choose domain name assigned to SSL certificate.

Step 13: Confirm SSL is setup correctly.

  1. In your favorite browser open the new domain using HTTPS, ie: https://www.domainname.com
  2. If you receive an error stating that the site is using an unsigned SSL certificate and you must add an exception, SSL is not working properly.  If the pages loads, SSL is working.
  3. For SSL to be fully active all site elements loading on the page must be loaded using a secure HTTPS URL.  This is irrelevant for relative paths, but anything loaded from an absolute URL that is HTTP will set off a warning in most browsers.  To fix this error, view source for the page and search for http:// so you can identify and correct any unsecured items from bypassing SSL.  Internet explorer is the most obnoxious about warning if content is being loaded from unsecured sources, so it's good to open with IE and see if it freaks out.  Also, don't worry about DOCTYPE or other header "reference" urls that are not HTTPS, it only reports an error for resources loading on the page, e.g. Javascript, CSS, Images

Connect with Us!

Client Testimonials

  • MPS did an excellent job, they were very professional, and responded to our needs in a prompt and timely manner. They did a complete overhaul of our website, and we are very satisfied with the finished product.

    Charles Johnson
    Reboot Remedy

  • 1
  • 2
  • 3
  • 4
  • 5
  • 6
  • 7
  • 8
  • 9
  • 10
  • 11
  • 12
  • 13
  • 14
  • 15
  • 16
  • 17
  • 18