SSL Certificates¶
Secure your website with HTTPS and gain visitor trust.
-
Encryption
Protects transmitted data from eavesdropping.
-
Authenticity
Verifies you're connecting to the correct server.
-
HTTPS
Without a certificate, browsers display warnings.
-
Auto-renewal
Let's Encrypt certificates renew automatically.
Why Do You Need SSL?¶
- Confidentiality
-
Passwords, forms, and personal data are encrypted.
- Integrity
-
Data cannot be altered during transmission.
- Authentication
-
Certificate verifies you're on the correct server.
Certificate Types¶
| Type | Description | Recommended For |
|---|---|---|
| Let's Encrypt | Free, automatic | Most websites |
| Commercial (OV/EV) | Higher validation level | E-shops, banks |
Recommendation
For most websites, Let's Encrypt is the ideal choice – it's free and renews automatically.
Let's Encrypt Installation¶
Select Domain¶
In Plesk interface, select the domain for certificate installation.
Open SSL/TLS Certificates¶
You'll see the current certificate status and installation options.
Install Let's Encrypt¶
Fill in:
| Field | Value |
|---|---|
| Your email address | |
| Secure www | Check both variants |
Click Get it free.
Secure the www Alias Too¶
We recommend securing both versions:
domain.website.tuke.skwww.domain.website.tuke.sk
Activate Additional Features¶
| Feature | Description |
|---|---|
| Redirect HTTP → HTTPS | Redirects all requests to HTTPS |
| HSTS | Forces browser to use only HTTPS |
| OCSP Stapling | Faster certificate verification |
Uploading Your Own Certificate¶
If you have a certificate from a commercial authority:
- Select Upload certificate you already purchased
- Upload files:
.crt– certificate.key– private key- CA bundle – certificate chain
- Save configuration
Automatic Renewal¶
Let's Encrypt
Certificate renews automatically approximately 30 days before expiration.
In case of issues, you'll receive an email to the address provided during activation.
Security Recommendations¶
Best Practices
- Use TLS 1.2/1.3 – older protocols are vulnerable
- Activate HSTS – prevents SSL stripping attacks
- Enable OCSP Stapling – faster loading
- Redirect all communication to HTTPS
Common Issues¶
Certificate didn't install
DNS records are not configured correctly.
Solution: Check that domain points to the correct server.
Mixed content warning
Page contains HTTP links to images or scripts.
Solution: Change all links to HTTPS or use relative paths.
Certificate expired
Automatic renewal failed.
Solution: Check email or renew certificate manually.