Skip to content

Install Free SSL certificate – Plesk (GoDaddy)

This tutorial gives step-by-step instructions on how to install a free SSL certificate for your website hosted on GoDaddy Windows Hosting (Plesk)

As we wouldn’t have direct access to the shared hosting server, we will generate the SSL certificate manually on a Linux machine using the following tools: 

  1. certbot – LetsEncrypt
  2. dig

OS: Ubuntu (20.04)

Click here on how to install certbot?

Assuming that you have certbot installed. Let’s get started!

The Steps

1. Launch the terminal in Ubuntu and type the following command 

sudo certbot certonly --manual --preferred-challenges dns

certbot command

Challenge is a way to ensure that you have the custody of the domain name for which you are creating the SSL certificate. 

There are two types of challenges – dns & http. I preferred the dns challenge as setting up http challenge didn’t work for me through GoDaddy Plesk as I kept getting “Not Found” error when trying to access it.  You can read more about the “http” challenge here.

When using the dns challenge, certbot will ask you to place a TXT DNS record with specific contents under the domain name consisting of the hostname for which you want a certificate issued, prepended by _acme-challenge 

DNS challenge didn’t work the way it has been described in the letsencrypt documentation. We’ll talk about it shortly. 

2. Enter your domain name

As you run the command from step 1, you’ll be prompted to enter your domain name. 

Enter domain name

If your domain name is set to be accessed as then enter it with “www” when prompted, else if it is set to just then as is.

3. “Are you OK with your IP being logged?” 

Type “Y” and proceed. 

Are you Ok with your IP being logged

4. Deploy a DNS TXT record for your domain name. 

Copy the generated value to be deployed as DNS TXT record.

“- – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – 

Please deploy a DNS TXT record under the name with the following value:  


Before continuing, verify the record is deployed.” 

TXT DNS record generated

5. Sign-in to GoDaddy 

Go to My Products -> Domains List -> DNS.

Click “Add”.


6. Adding TXT record

If your domain setting is such that it starts with “www” then give the DNS entry as follows: 

Host: _acme-challenge.www

TXT Value: FzvbRHWLv7w***************************** 

Do not give complete domain name in the “Host”. 

Adding TXT Record

If you’re setting up a domain that starts as then give the DNS entry as follows 

Host: _acme-challenge 

TXT Value: FzvbRHWLv7w***************************** 

In the documentation it is mentioned to add the domain name, but it didn’t work for me. So, no need to give the complete domain name in Host.

7. Using dig utility (Not a mandatory step, but an important one to avoid rework) 

It takes a few seconds/minutes for the TXT record to get updated. To test whether it has  been updated or not “dig” utility comes in handy.

Run the following command:

dig -t txt

Run this command a few times and once the TXT record is updated you will see the retrieved value.

dig command output

8. Press Enter to Continue – Certbot

In case you skipped step 7, ensure that you have waited enough before proceeding. In case the TXT record has not been updated, you’ll have to start from step 1 again. 😊 

Flip back to the terminal where you’d executed the certbot command.

Generate certificate

Press Enter 

Once you do this, the validity check will be carried out and if successful the certificates will be generated at the following location: 


Access the path as root. (sudo su)

9. The final files

Final certificate files

The two files that we’d use are

  • fullchain.pem 
  • privkey.pem

10. Head to Plesk Admin

Navigate to website & domains.

Websites & Domains Menu

Go to your website details 

Click “SSL/TLS Certificates”.

SSL TLS Certificates Option

Click “Add SSL/TLS Certificates”.

Add SSL TLS Certificate Button

Enter a “Certificate Name”.

You can give any custom name.

Give certificate name

Scroll down to the Private Key* section and paste the entire content from your privkey.pem file in it. (Include ——BEGIN PRIVATE KEY——  and ——END PRIVATE KEY——-)

Private Key Text Box

Paste the content from fullchain.pem in the text box Certifcate(*.crt) * (Include —–BEGIN CERTIFICATE—— and —–END CERTIFICATE——)

Certificate textbox

Click “Upload Certificate”.

Upload Certificate Button

Upload Successful.

SSL Certificate Upload Successful

11. Selecting the added SSL certificate

Navigate to “Hosting Settings” under “Websites & Domains” for your website

Hosting Settings

Go to “Security” section.

Check the SSL & Permanent redirect checkboxes. 

From the “Certificate” dropdown, select the newly created SSL certificate and scroll down to click “Apply”.

Security Section Checkboxes and Dropdown

12. Your SSL Certificate enabled website

Go to your website and see the padlock icon near the domain, the SSL certificate is now enabled. 




SSL Enabled

13. Delete the TXT record from GoDaddy DNS settings

Don’t forget to delete the TXT record that you added in Godaddy.

More Information

You can find the SSL certificate installation manual here.

Important info: Let’s Encrypt certificates expire after 90 days.


There could be a case where the certificate is valid, but it may still show your connection is not secure when you click the padlock icon. The possible reason is:

  • The on page urls for links, images, scripts etc. could be “http”. Modify them to “https” and it should resolve the issue.

If you face any issues, do comment, will do my best to help you.

Leave a Reply

Your email address will not be published. Required fields are marked *