• We value your experience with Plesk during 2024
    Plesk strives to perform even better in 2025. To help us improve further, please answer a few questions about your experience with Plesk Obsidian 2024.
    Please take this short survey:

    https://pt-research.typeform.com/to/AmZvSXkx
  • The Horde webmail has been deprecated. Its complete removal is scheduled for April 2025. For details and recommended actions, see the Feature and Deprecation Plan.
  • We’re working on enhancing the Monitoring feature in Plesk, and we could really use your expertise! If you’re open to sharing your experiences with server and website monitoring or providing feedback, we’d love to have a one-hour online meeting with you.

Dovecot / Postfix // multiple SSL certificates for multiple IPs

southy

Basic Pleskian
The second-most wanted new feature according to your very own uservoice site is about the issue of allowing multiple SSL certificates on the SMTP / IMAP Servers.

Obviously for users that do only use shared IPs, the only way to implement multiple certificates would be SNI.
Yes, e.g. Dovecot does support SNI. However, that won't help us much, becuase this would also have to be supported by the clients of the users. And I suppose we won't see that happen anytime soon.

But it seems that is not much of a problem, because there's a much simpler way to get to the desired result:
Simply allow to configure multiple IPs in postfix / dovecot with different certificates on each.
All clients would be getting a dedicated IP and the problem would be solved.

With manual configuration this is already possible - dovecot & postfix can be configured to answer to multiple IPs with different SSL certificates - there's quite some documentation about this if you google a bit.

However this is where the old plesk problem kicks in: you can't properly manually change stuff like this on commandline, because the next Plesk update may revert all changes or break stuff.

So, plesk team: Could you please, pretty pretty PLEASE not concentrate on _AGAIN_ changing totally and utterly unimportant look-and-feel details, but implement a feature that's vital in 2015?!

Thanks!
 
I disagree this is vital. Using valuable IP addresses for something like SSL on an SMTP server, sounds a bit like 1990.. We wouldn't accept an IP request just for that. There are better alternatives, like using 1 hostname for your SMTP/POP/IMAP servers.
 
Back
Top