Category Archives: Plesk

Plesk Guides, Articles and Discussion

Add DHParam to Plesk Panel

You can fix Logjam for the Plesk Panel by simply adding the standard Nginx dhparam directive to the plesk.conf file.
Very similar to previous posts on adding OCSP and HSTS to Plesk.

First you will need to create your dhparam, you can follow my guide Creating DH Parameters, and then locate the file and edit with your favourite editor…

And add the Nginx ssl_dhparam directive above the certificate entries like so…

Save the file and restart the Plesk server…

And you are good to go.
I hope that helps someone.

Secure Plesk Webmail

Here’s how I install SSL certificates for Horde and Roundcube bundled with Plesk 12.0.18 to remove chain issues, and keep the certificate in scope of Plesk backups.


Firstly, install your webmail certificate in…

And then go to…

Get the file names for the webmail certificate and CA certificate and make a custom horde and roundcube template (paths to follow) adding the following directives.


Apache files (horde.php and roundcube.php)

Nginx File (nginxWebmailPartial.php)

I do this because the CA directives are missing from the default Apache2 templates.


Templates are located here..

copy the above files to

and then edit the files..


You need to find and replace the SSL directive/s in the template files and replace with the ones above.

horde.php line 83, and roundcube.php line 86


nginxWebmailPartial.php, there’s a big chunk you need to remove, lines 10 to 26 (in your file)…

Becomes something like…

You can see I have also added ssl_session_cache in there along with HSTS, OCSP, dhparam and ECDH Curve.
Now regenerate the conf files with…

Your webmail will now be properly secured and you won’t get any chain issues when testing your site at ssllabs.

Please note CentOS paths are different. The psa folder is located in /usr/local/.

Thanks for reading, I am working on formatting this article better so you can copy and paste directives like previous guides, unfortunately the code tags wouldn’t wrap the above php sections.

Add OCSP to Plesk Panel

Here’s a guide on adding OCSP to your Plesk 11.5.30 or Plesk 12.0.18 Panel.
Firstly you need to create a file containing both your intermediate and CA certificate, lets call it domainCA.pem.
create the folder…

and upload domainCA.pem to it.

Now create a file called in

and add the following nginx directives to it…

Next you need to add an include statement for in the plesk.conf file…

Like so…

With the other include directives.

And restart the Plesk server with

You now have OCSP on your Plesk Panel.

You can also add these directives on a per domain basis in the Plesk Panel under

Plesk -> Domains -> yourdomain.tld -> Apache & Nginx Settings -> Additional nginx directives