When you use the LetsEncrypt module it handles the renewals of your encrypted domains without any issue. However it doesn’t appear to have any method to encrypt your plesk login by default. Here is the way to do it manually so that it auto-renews each monthly. One less server admin task for you to deal with.
You need to perform the following steps.
- Create a subdomain you will use for your login.
- Encrypt it with letsencrypt
- Execute the CLI command to add this certificate to your admin panel.
- Create a cron job to update the certificate monthly.
1. Create a subdomain.
This is not absolutely essential, however I found it to be helpful. I use either cp.domain.com or plesk.domain.com
2. Use the LetsEncrypt module to encrypt the subdomain.
This can be done either from the “Websites and Domains” area or from within Extension -> LetsEncrypt.
3. Register the certificate for plesk.
From the command line execute this command;
plesk bin certificate -u "cp cert" -admin -default -key-file /usr/local/psa/var/modules/letsencrypt/etc/live/YOUR-DOMAIN-HERE/privkey.pem -cert-file /usr/local/psa/var/modules/letsencrypt/etc/live/YOUR-DOMAIN-HERE/fullchain.pem
4. Set up the Cron job.
Add this line to your cron.
@monthly plesk bin certificate -u "cp cert" -admin -default -key-file /usr/local/psa/var/modules/letsencrypt/etc/live/YOUR-DOMAIN-HERE/privkey.pem -cert-file /usr/local/psa/var/modules/letsencrypt/etc/live/YOUR-DOMAIN-HERE/fullchain.pem
Leave a Reply