• If you are still using CentOS 7.9, it's time to convert to Alma 8 with the free centos2alma tool by Plesk or Plesk Migrator. Please let us know your experiences or concerns in this thread:
    CentOS2Alma discussion

Question Again: Let's Encrypt & Postfix

skot1708

skot1708

New Pleskian
Hey Folks,

I think I've read all topics about setting up a correct Mail-Setup with Plesk Onyx and Postfix for our customers - but still got "some" problems.

What I've done so far:
- I've changed the hostname to server.our-domain.de
- I've added the subdomain server.our-domain.de at Plesk and assigned an Let's Encrypt SSL-Certificate
- I assigned the Certificat eat Preferences --> SSL to Secure Plesk AND Mail-Server
- At the Customer Domains I changed the DNS MX Records to server.our-domain.de
- The IP correctly resolves to server.our-domain.de
- Our customers all use server.our-domain.de as imap/smtp adress

But if I check the SSL with a customer Domain here: https://ssl-tools.net/mailservers it says: Hostname Mismatch.
If i run checktls.com with a customer mail-adress everything seems to be fine.

Some customers get Certificate errors sometimes, others not. Have I made any general mistakes?
What's up with the automatic DNS entry like mail.customer1.de - to my understanding I don't need them?

Thank you in advanced & kind regards

Sascha
 
skot1708 said:
Hey Folks,

I think I've read all topics about setting up a correct Mail-Setup with Plesk Onyx and Postfix for our customers - but still got "some" problems.

What I've done so far:
- I've changed the hostname to server.our-domain.de
- I've added the subdomain server.our-domain.de at Plesk and assigned an Let's Encrypt SSL-Certificate
- I assigned the Certificat eat Preferences --> SSL to Secure Plesk AND Mail-Server
- At the Customer Domains I changed the DNS MX Records to server.our-domain.de
- The IP correctly resolves to server.our-domain.de
- Our customers all use server.our-domain.de as imap/smtp adress

But if I check the SSL with a customer Domain here: https://ssl-tools.net/mailservers it says: Hostname Mismatch.
If i run checktls.com with a customer mail-adress everything seems to be fine.

Some customers get Certificate errors sometimes, others not. Have I made any general mistakes?
What's up with the automatic DNS entry like mail.customer1.de - to my understanding I don't need them?

Thank you in advanced & kind regards

Sascha
Click to expand...

Hello @skot1708 ,
you can check your ssl certificate with CryptCheck , just try usual port like 993,995,465,587.
 
I had a similar problem, the certificate must cover all third-level domains, ie smtp.domain.tld is required a certificate for the following or in a default wildcard certificate:
  • smtp
  • mail
  • pop
  • pop3

I hope I've helped.
 
You must log in or register to reply here.

Similar threads

nornagest
Question How to secure different access domains for Plesk
Replies
2
Views
952
Peter Debik
P
D
Issue Lets Encrypt Not Successful over port 80
Replies
8
Views
316
Daiv
D
C
Issue How to install SSL Lets encrypt only for mail.mydomain.com and webmail.mydomain.com?
Replies
1
Views
996
Peter Debik
P
carlsson
Issue Mail on Plesk, web on other provider, how do I create a correct SSL?
Replies
2
Views
137
carlsson
carlsson
Hangover2
Forwarded to devs SSL It! breaks renewal and usage of Let's Encrypt wildcard certificates when subdomains are involved
2
Replies
28
Views
5K
marcoherzog
M
Back
Top