Difference between revisions of "Installing a Let's Encrypt certificate"

From EN Ikoula wiki
⧼vector-jumptonavigation⧽ ⧼vector-jumptosearch⧽
(Created page with "<span data-link_translate_fr_title="Installation d'un certificat Let's Encrypt" data-link_translate_fr_url="Installation d'un certificat Let's Encrypt"></span>:fr:Installat...")
 
(No difference)

Latest revision as of 18:08, 3 March 2023

fr:Installation d'un certificat Let's Encrypt
This article has been created by an automatic translation software. You can view the article source here.

The free SSL certificate from Let's Encrypt

LetsEncrypt.png

The Let's Encrypt extension of Plesk allows you to secure your server with free SSL/TLS certificates from Let's Encrypt, a free and open source Certificate Authority.
You can secure the mail server, as well as any hosted domain, subdomain and domain alias.
Securing your server with Let's Encrypt certificates is quick and easy. It only takes a few clicks from the Plesk interface.
The Let's Encrypt extension automatically keeps all issued certificates up to date.


Requirements for the installation of the certificate

To install a Let's encrypt SSL certificate, there are certain prerequisites:

  • The domain name must point to the IP address of the hosting
  • The site must be reachable

The domain name must point to the IP address of the hosting * The site must be reachable * Know the service that manages the DNS zone for your domain name

Votre zone DNS peut être gérée par un service dans votre espace client Ikoula ou encore par service Plesk de l'hébergement.

To find out which service manages the zone, the site DNS Checker references the names of the servers.
You must enter the domain name in the field provided for this purpose and select the NS field.


Dns checker.png

The DNS zones managed on Plesk have as name servers : 

   ns1.ikoula.nl
   ns2.host2vps.com
   linhebXX.ikoula.com (for a Linux server)
   winhebXX.ikoula.com (for a Windows server)

The DNS zones managed by the client space have name servers : 

   ns4.ikoula.com
   ns5.ikoula.com


Setting up the certificate on a domain managed by Plesk

You need to be connected to the Plesk interface to perform these operations. Accéder à mon interface Plesk

In the Web Site and Domains tab, go to SSL/TLS Certificates'


Plesk SSL.png


Then select Install a free basic certificate provided by Let's Encrypt'


Plesk LetsEncrypt.png


A new page will open and you will have to enter a valid e-mail address if you have not done so.

Plesk Secure.png

Activate the desired options.

  • Secure the domain name

This option can be disabled if the site is managed externally and you want to use the SSL certificate only for the email service.

  • Protect the Wildcard domain (including www and webmail)

If you use subdomains and want to protect them with the same certificate as well.

This option allows the automatic creation of a TXT record in the DNS zone.

It is only available if the domain's DNS zone is administered in Plesk.

  • Enable the option "protect the www subdomain for the domain and all selected aliases".
  • If necessary, enable the "Protect webmail on this domain" option.

This way, the webmail will also be secured.

  • Assign the certificate to the mail domain


Once these steps have been completed, it takes 10 to 30 minutes for DNS replication.

Une fois ce délais écoulé, il faut cliquer sur "Recharger" et le certificat sera généré.


Setting up the certificate on a domain managed by the Customer Centre

The installation of the Let's Encrypt certificate will not be very different from the previous steps.

Unlike the DNS zone managed on the Plesk server, the DNS entries are not automatic and must be entered manually from your Customer area


Plesk Wildcard.png


In the Dns Management Migrated service, choose your domain name to access the DNS zone management.

You then need to create a TXT field for the domain '_acme-challenge.yourdomainname.tld' with the content requested by Plesk.

Here you need to add the record tiDYhh0klLPltq_lPAeKb9jmuxsUyZ-1WWnUXQnJX-s


DNS Plesk SSL.png

Before reloading the emission request, it is necessary to check the good propagation of the record '_acme-challenge.votrerenomdedomaine.tld'.

Once these operations have been carried out, it takes 10 to 30 minutes for the DNS replication.

The website DNS Checker site also references the TXT records.

You must enter _acme-challenge.yourdomainname.tld and choose the TXT option

Une fois ce délais écoulé, il faut cliquer sur "Recharger" et le certificat sera généré.


Renewal of the certificate

Certificate renewal is automatic if the DNS zone is managed by PLESK, otherwise the certificate must be renewed every 3 months.

If you wish to opt for an automatic renewal and your zones are managed by your customer area, you can contact the technical support to request a migration to a more recent server.


If you have encountered any difficulties in following this article, or if you wish to provide any information concerning it, our technical support is at your disposal:

  • 24 hours a day, 7 days a week by ticket from your Customer Area

Retrieved from "https://en-wiki.ikoula.com/index.php?title=Installing_a_Let%27s_Encrypt_certificate&oldid=12854"