How do I get a SSL certificate with PLESK when I have no SSH


Please fill out the fields below so we can help you better. Note: you must provide your domain name to get help. Domain names for issued certificates are all made public in Certificate Transparency logs (e.g., so withholding your domain name here does not increase secrecy, but only makes it harder for us to provide help.

My domain is: and hosted on also known as

I ran this command:
I have PLESK and was able to get a CSR text.
There is a way to load the .crt file in this Plesk implementation but I did not get how to go from this CSR to the .crt
Let’s encrypt extension on Plesk is not provided because the provider does not offer free certificate, and does not help do it.

It produced this output:

My web server is (include version):

The operating system my web server runs on is (include version):

My hosting provider, if applicable, is: also known as

I can login to a root shell on my machine (yes or no, or I don’t know): No

I’m using a control panel to manage my site (no, or provide the name and version of the control panel): Plesk

The version of my client is (e.g. output of certbot --version or certbot-auto --version if you’re using Certbot):


Hi @bh26

there are some online sites you can use:

But you have to do that manual (uploading a file to your webserver). And Letsencrypt certificates are only 90 days valide, so you have to do that every 60 - 85 days.

So it’s not a really good solution.


There is a ACME client intergarted to PLESK, with automated renewal


I know but this extension is not available from this hosting provider.


I’ll look at that ZeroSSL site…
I understand this is not an easy solution but apparently there is no other one.
By the way I noticed on this community forum someone who said he was offering a plugin for wordpress.
Is this a good solution since I am using Wordpress for my site?


can you add cronjob? maybe this can work.


Not sure what is a cronjob and how to add it.
Linux et. al is a new world for me.


I don’t use WordPress, but there are a lot of Wordpress - plugins.

But I don’t know if that would work or if support of your hoster is required.

If you have installed your own Wordpress, that may be work.

If you use a standard-WP of your hoster, it may be fail.


I finally generated the key from and uploaded it to my website using the Plesk interface (at least this is possible with this provider).
Everything looks nice but at the end the website still displays “not secured”.
Is it a timing problem or something else?


You have created one certificate with one domain name ( ):
expires in 90 days - 1 entry

But you have two dns entries (non-www and www):

Host T IP-Address is auth. ∑ Queries ∑ Timeout A yes 1 0
AAAA yes A yes 1 0
AAAA yes

That’s good.

And you have a redirect www -> non www. That’s good, one version should be the preferred version.

But the result:

Domainname Http-Status redirect Sec. G 301 0.080 D 200 0.407 H 301 1.417 B 200 1.960 N
Certificate error: RemoteCertificateNameMismatch

Your non-www version has the wrong certificate and is insecure.

So create one certificate with two domain names

and use that.

PS: There is one mixed content:

An image loaded via http.


I am sorry, I don’t understand what you mean by “Your non-www version has the wrong certificate and is insecure.”
I have one certificate only and in my Plesk interface I indicated that I preferred to use better than But if that creates a problem I may just go and stick with
But I just changed it to avoid this possibility but I still do not get a secured site.


One certificate can have one or more domain names.

You should create one certificate with two domain names - +

So create a new Certificate Signing request and use that with ZeroSSL.

You can do that but this isn’t the problem. A domain should always have two dns entries (www + non-www), one correct certificate with both domain names and correct redirects http -> https and https + non-preferred -> https + preferred. It’s not really relevant if the non-www or the www-version is preferred, both versions should answer.


As you can see on thi image the hosting params are for and it’s just a preference to use And for this I have to provide only one certificate.

I have another domain on the same server which is, and after issuing the certificate for this domain, I can call it with and get the lock. it shows it as a secure one.
This site is a redirection from the domain name, but if I call it opens but not secure.
There are certainly some basic knowledge on Domain names/redirection/SSL that I am missing.
I’m going to sleep, maybe something will surge tomorrow.

closed #14

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.