SSL Certificate Problems

SSL Certificate Problems

Installing a Let's Encrypt SSL Certificate

Navigate to the Let's Encrypt Settings

Navigate to the Let's Encrypt settings using the steps below:

Login > Plesk > Websites & Domains > [ domain ] > Dashboard tab > Security section> SSL/TLS Certificates button > Let's Encrypt settings

Install the Certificate

Click on the 'Install' button.

Select Certificate Options

In addition to selecting the `Secure the domain name` option, we also recommend selecting the following options:

  • Include a "www" subdomain for the domain and each selected alias.
  • Secure webmail on this domain.
  • Assign the certificate to the mail domain.

Note: Securing webmail cannot be done during the 2 hours following domain creation, because it requires an Apache restart. Apache restarts every 2 hours, so if you're setting up SSL on a brand new account or a new domain that's just been added, you will need to return to these settings later to activate the webmail security feature.

Click on the 'Get it free' button to install the certificate.

You should see that 'Keep websites secured' is now 'Enabled'.

We also recommend activating the 'Redirect from http to https' option.

Wildcard Certificates

HelioHost does not currently support Wildcard certificates, due to a lack of integration between Plesk and our DNS. We cannot change this setting, so please disregard the message in Plesk suggesting your hosting provider can fix it. Wildcard SSL is actually less secure than installing a certificate on each domain. We recommend installing a certificate on each domain instead.

Troubleshooting

If you have issues with the Let's Encrypt SSL certificate on your domain or subdomain, here are some things to check:

Check if the Certificate is Expired or Invalid

If the certificate is expired or invalid:

  • Reissue the certificate.
  • Wait a full 2 hours.
  • Clear your cache to ensure the changes are applied correctly.

If the Certificate is NOT Expired

If the certificate is not expired:

  • Unassign the certificate from the domain.
  • Reassign the certificate to the domain.
  • Wait a full 2 hours.
  • Clear your cache to ensure the changes are applied correctly.

Ensure Redirect HTTP to HTTPS is Off

If you can't issue a new certificate it might be because your website is redirecting to https. The verification file required to install SSL must be served over http, and if your website redirects to https the install will fail. Make sure you don't have a redirect to https in your .htaccess file, or make an exception to allow the .well-known directory to be served over http. 

# redirect to https but allow http on .well-known
RewriteCond %{HTTPS} !=on
RewriteCond %{THE_REQUEST} !/.well-known/(.*)$ [NC]
RewriteRule ^ https://%{HTTP_HOST}%{REQUEST_URI} [L,R=301]

Plesk can also redirect to https. To disable this redirect:

  • Login at heliohost.org.
  • Continue to Plesk.
  • Websites & Domains.
  • Hosting & DNS.
  • Hosting.
  • Uncheck the option Redirect visitors from HTTP to HTTPS.

After ensuring that neither .htaccess or Plesk redirect to https try issuing SSL again.

Further Support

If after following the above steps, waiting a full 2 hours, and clearing your cache, the problem is not fixed, please post a topic in the Customer Support forum. Make sure you provide your username, domain name, and any error message(s) received.

Retrieved from "https://wiki.helionet.org/index.php?title=SSL_Certificate_Problems&oldid=2167"

This page was last edited on 26 November 2025, at 00:22.