Important Things to Know before Installing an SSL Certificate
Part 3 of 4 of SSL for Newbies
When considering an SSL certificate for your website, there are a few points to keep in mind prior to purchasing.
- Multiple SSL Certificates with SNI ⤵
- SSL Certificates are Issued on an Annual Basis ⤵
- SSL Requires a Dedicated IP Address ⤵
- Changing to a Dedicated IP Address Requires Time to Propagate ⤵
- Only One SSL Certificate per Plesk Control Panel ⤵
- You Can Have More Than One Domain or Subdomain on an SSL Certificate ⤵
Linux
Multiple SSL Certificates with SNI
Servers with cPanel versions 11.38 and above are able to utilize Server Name Indication (SNI) to allow a server to present multiple certificates on the same IP address and port number which allows multiple secure (HTTPS) websites (or any other Service over TLS) to be served off the same IP address without requiring all those sites to use the same certificate.
To make use of SNI practical, it is necessary that the vast majority of users use web browsers that support it. Users whose browsers do not support SNI will be presented with a default certificate and hence are likely to receive certificate warnings.
| Software | Supported |
|---|---|
| Internet Explorer | ✔ |
| Mozilla Firefox | ✔ |
| Safari | ✔ |
| Google Chrome | ✔ |
| BlackBerry 10 | ✔ |
| BlackBerry OS | ✘ |
| elinks | ✘ |
| Windows Mobile | ✔ |
| Android default browser | ✔ |
SSL Certificates Are Issued on an Annual Basis
SSL Certificates are usually purchased with a 1-year expiration date, although multi-year SSL certificates are also available by contacting our Billing team. Before a certificate expires, you will need to purchase a new SSL certificate with a new expiration date.
Despite sometimes being referred to as renewing an SSL certificate, technically you are purchasing a new certificate with a new expiration date. Although typically we are able to process SSL Certificate orders within 24 hours, due to the potentiality for complications, we recommend that you purchase a new SSL certificate at least one week prior to the expiration of your current SSL certificate.
Windows
SSL Requires a Dedicated IP Address
A private SSL certificate requires its own dedicated IP address. You can add a dedicated IP to the Enterprise plan for free. For all other packages, the price of a dedicated IP address is $4 per month. When ordering an SSL certificate, a dedicated IP address will be added to your account automatically unless it already has one.
Changing to a Dedicated IP Address Requires Time to Propagate
When switching to a dedicated IP, the IP address of your website will change, and the DNS will subsequently need to propagate (update) worldwide, which requires approximately 4 to 8 hours.
This means that some visitors will be able to view your website at the new IP address immediately, while others will not be able to see it for up to 8 hours after the change to a dedicated IP address. Planning ahead can minimize the impact. For example, we don't recommend switching to a dedicated IP address when you are in the middle of a promotion or advertising campaign.
Only One SSL certificate per Plesk Control Panel
On all of our accounts that utilize Plesk (such as shared, certain VPS accounts & Windows dedicated hosting), there is a technical limitation of one SSL certificate and one dedicated IP per Plesk Control Panel. If you would like to have more than one SSL certificate (for a different domain or subdomain), you will need to create another Plesk Control Panel. If you have a shared account, this can be accomplished by adding another shared account or by upgrading to a dedicated plan. If you already have a Windows dedicated server, you can create a new account in the Plesk Control Panel for the domain in question.
More Than One Secured Domain Per Certificate Allowed
Although there is a limit to the number of SSL Certificates per individual Plesk Control Panel, it is possible to have more than one secured domain name or subdomain incorporated into a single SSL Certificate. This is achieved by purchasing a multi-domain SSL certificate or a wildcard SSL certificate, Although more expensive than a regular, single-domain private SSL, you are able to have all the secured domains and subdomains within a single account. They all can share the same dedicated IP address, which saves both the cost of maintaining separate accounts and purchasing more than one dedicated IP.
SSL For Newbies Series
- Part 1: What is SSL / Secure Certificate?
- Part 2: What type of SSL Secure Certificate do I need?
- Part 3: Important Things You Should Know Before Installing an SSL Certificate
- Part 4: How do I get an SSL Certificate?