Installing CAcert certificates on Plesk

I created this HOWTO in Plesk 7 - the latest version is 7.5 so there may be some differences in certificate setup.

Plesk is a multiplatform hosting system, used by webhosts to manage multiple user (reseller) accounts. It is quite intuitive to use in its current version.

Most reseller accounts don't come with the option of using SSL (https) to access web pages, but it can be enabled as an optional extra quite cheaply. However, certificates signed by a recognised CA cost more - your reseller might offer to set one up with Thawte or GeoTrust. Here, we'll be using the free CAcert option!

Once you have created your private key, submitted your certificate signing request to CAcert and retrieved your certificate, you can install it on your account, and start using SSL.

1. Log in and click on your domain name. Under 'Services', click on the 'Certificates' icon.

2. Click on the 'Add New Certificate' icon.

3. You will be presented with the option to create a self-signed key or request one signed by the server. Neither of these are useful here, so ignore the 'Preferences' section.

The box at the very top is for your certificate's name, which is required. This is just for your reference, so give it any 'friendly' name you like. Something like 'CAcert-2005-01-01' might be good, including the date you created the certificate.

4. Scroll down the page and you see you have two options for installing your CAcert certificate: 'Upload certificate files' or 'Upload certificate as text' - either way, you need to submit your private key, public certificate (signed by CAcert), and the CAcert root cert (from You can upload these by browsing to the files saved on your disk, or cutting and pasting them into the bigger windows below. The result is the same either way.

5. Here are examples of files chosen in the 'Upload certificate files' section (leaving the lower fields blank)...

6. ...and here is an example of cutting and pasting into the 'Upload certificate as text' (leaving the upper fields blank)

7. Click 'Send file' or 'Send text', depending on which method you used.

8. If all is well, you'll go back to the Certificates page and see your certificate listed under the name you gave it. Under the columns RKCA, you will see colourful icons under KCA, signifying that your private key, public certificate and authority key are installed. The R for certificate request remains greyed out, as we don't need to upload it for our method.

9. Log out of Plesk and test your certificate by visiting your domain via SSL, e.g. . If you have the CAcert root cert installed in your browser, you shouldn't get any prompts. You can check the certificate's properties by clicking on the padlock icon, just to be sure all is well.