The SSL certificates are signed by an Intermediate CA using a two-tier hierarchy, which enhances the security of your SSL Certificate.
If the proper Intermediate CA is not installed on the server, your customers will see browser errors and may choose not to proceed further and close their browser.
NOTE: The Intermediate CA:
- Supplies the necessary chaining to a trusted root in an SSL connection.
- Must be installed on the server acting as a chain link between the browser root and server certificate.
- Does not control encryption step-up. This function is controlled by the server software.
Step 1: Download the Root and/or Intermediate CA Certificate
- To check which certificate type has been purchased, perform the steps from this link: SO22021
- To download the Root Certificate, refer to SO4785
- Select the Root CA certificate for your SSL product under Managed PKI for SSL section.
- To download the Intermediates CA certificate, refer to INFO 657
- Select the Managed PKI for SSL tab.
- Select the Intermediate CA certificate based on your SSL certificate product
Step 2: Import the Root and Intermediate CA Certificate
- Access the Plesk control panel
- From the left hand menu, Select Domain
- Select the name of the certificate from the list at the bottom of the page
- Look for the dialog box on the page stating CA certificates. Paste the intermediate certificate first then the root certificate second.
NOTE: The order of the certificates is critical. The Intermediate CA certificate must be pasted first, then the Root certificate.
DO NOT include a space between the intermediate certificate and root certificate
(Intermediate CA Certificate)
- Select Send Text
- Select Level Up until you get to the top level
- Select Setup
- At the top, from the drop down menu, select your certificate
- From the left hand menu, select Server > Service Management
- Restart services of your site for IIS or restart your server for Apache