Question How does Plesk handle HTTPS?

[orion]

Does Plesk now that they have Let's Encrypt handle TLS for mail/ftp as well with users domains?
Talking about cPanel:
In the past, when you secured your FTP, Mail server, customers had to use the server hostname with Outlook/Phone, other as "server.example.com"

This was also true for the control panel access. When customers typed example.com/cpanel they were redirected to the hostname as that was the only one secured with SSL.

This was annoying and awful for 2 reasons and a problem for some years. Resellers had the hostname URL exposed for their customer's control panel and every time you migrated customers to another server; they had to manually change the outlook config on every device to the correct server.

When cPanel added Let's Encrypt this was completely solved.

Now customers can use example.com/cpanel to log in to their accounts, and they can also use example.com as their outgoing/incoming mail server. No more changes required if you keep migrating them between servers as they use their own domain name (just DNS update) and everyone is happy now when they access the control panel using their domain name instead of a generic server name. This works of course because all domains have SSL installed with Lets Encrypt.

So let me ask this. How does Plesk Onyx handle this today?

Can each customer use example.com:8443?
This is already annoying (customers having to remember a port), but I expect them not to be redirected to the hostname if they already have an SSL installed.

And email? Can they use their domain or at least mail.example.com? Or they are forced to use the server hostname? Same is true for FTP.

As you can see these are two important questions I have about Plesk Onyx as you can't seriously offer services today without secure connections to all services.

 

[Bitpalast]

Actually, yes, currently when connecting through SSL to mail services, FTP or the control panel, the certificate must be made out for the host name, not a domain name, and the connection is established through the host name. The host is accessible by IP address and domain name, too, but in that case it will not have a proper SSL certificate for the connection.

I think that I have read some place that more than 10 million domains on more than 350.000 servers are actually using it this way, so it cannot be that bad to use a host name for SSL connections. Our company is hosting many thousands of domains, and no customer has ever asked to access the services or the panel through their own domain name. But of course, this is a matter of opinion, whether that is a criteria for selecting a panel.

 

[orion]

Hi Peter, thank you for answering.

I just pointed out that with cPanel users can use mail.example.com or just exampe.com (email software clients are smart enough to connect) instead of providerhostanme.example.com) if the domain already has an SSL installed and the IP is shared for the email server anyway.
Migration is one thing I pointed out. What happens if you move one customer with 100 email accounts from one Plesk server to another Plesk server?

You really expect to tell users that they need to change Outlook settings now on 100 computers, mobile phones, some probably also in remote offices? Nightmare scenario.
It's quite common to move accounts between servers with shared services. Performance issues on a server, hardware repairs, upgrades, or just regular balancing users among a cluster of servers based on load.

This also is a problem for resellers. If resellers have to tell their customers to use the hostname (with your company name), then it's not really a white label solution for them. I noticed the first and only thing that Resellers care the most about is, is hiding their hosting provider.

That may sound dumb because it's very easy for anyone with even basic knowledge to find out the end server, but Resellers do care about this. They want to offer hosting under their brand and name.