If you have a recent Plesk, it's as simple as configuring in the tools and utilities area, SSL Certificates -> Add Certificate, paste it. Finally, select and activate it to protect Plesk by clicking on its button and making it default. Otherwise, enter the /etc/proftpd.conf file and add ???????        # common settings for all virtual hosts        TLSEngine on        TLSRequired off        TLSLog /var/log/plesk/ftp_tls.log        TLSRSACertificateFile /opt/psa/admin/conf/httpsd.pem        TLSRSACertificateKeyFile /opt/psa/admin/conf/httpsd.pem        # Authenticate clients that want to use FTP over TLS?        TLSVerifyClient off        # Allow SSL/TLS renegotiations when the client requests them, but        # do not force the renegotations.  Some clients do not support        # SSL/TLS renegotiations; when mod_tls forces a renegotiation, these        # clients will close the data connection, or there will be a timeout        # on an idle data connection.        TLSRenegotiate none        # As of ProFTPD 1.3.3rc1, mod_tls only accepts SSL/TLS data connections        # that reuse the SSL session of the control connection, as a security measure.        # Unfortunately, there are some clients (e.g. curl) which do not reuse SSL sessions.        TLSOptions NoSessionReuseRequired