A self-signed SSL certificate can be useful when you need basic encryption for testing or development environments. This guide walks through the process of creating and assigning a self-signed certificate in Plesk using clear, practical steps.
Before You Start
Plesk supports Server Name Indication (SNI), so SSL certificates do not require a dedicated IP address. This applies to most modern server configurations.
Keep in mind that self-signed certificates are not issued by a trusted Certificate Authority. Browsers will display a warning when users visit a site secured with this type of certificate. For public websites, a trusted SSL certificate should be used instead.
Plesk can be installed on servers where you have full administrative access, such as environments using Plesk hosting.
When a Self-Signed Certificate Makes Sense
A self-signed certificate is typically used for:
- Development or staging websites
- Internal tools and private services
- Temporary testing scenarios
It should not be used for production websites that are accessed by the public.
Creating the Certificate in Plesk
Step 1: Open the SSL/TLS section
Log in to the Plesk control panel. From the left sidebar, open Websites & Domains, then click SSL/TLS Certificates.
[Screenshot: Websites & Domains menu in Plesk]
Step 2: Add a new certificate
Click Add SSL/TLS Certificate.
[Screenshot: Add SSL/TLS Certificate button]
Enter a name to identify the certificate inside Plesk. This name is only for internal reference.
Set the key length to 4096 for stronger encryption. Fill in the required fields such as country, city, and organization.
In the domain field, enter the domain you want to secure, for example test.example.com.
[Screenshot: Certificate creation form]
If needed, you can create a wildcard certificate by using *.example.com.
Enter a valid email address and click Self-Signed to generate the certificate.
Assigning the Certificate to the Website
Step 3: Enable SSL for the domain
Go back to Websites & Domains and open Hosting Settings for the domain.
[Screenshot: Hosting Settings option]
Make sure SSL/TLS support is enabled under the security settings.
To ensure all traffic uses encryption, enable the option to permanently redirect HTTP requests to HTTPS using a 301 redirect.
From the certificate list, select the self-signed certificate you just created and click OK.
Checking the Result
Open your browser and visit the website using https://. The connection will be encrypted, but the browser will show a warning confirming that the certificate is self-signed.
Recommended Alternative
For any public-facing service, a trusted SSL certificate is strongly recommended. This is especially important for websites running on cloud servers or dedicated server platforms.
Self-signed certificates should be limited to non-public and short-term use cases only.