• Hi, Pleskians! We are running a UX testing of our upcoming product intended for server management and monitoring.
    We would like to invite you to have a call with us and have some fun checking our prototype. The agenda is pretty simple - we bring new design and some scenarios that you need to walk through and succeed. We will be watching and taking insights for further development of the design.
    If you would like to participate, please use this link to book a meeting. We will sent the link to the clickable prototype at the meeting.
  • Our UX team believes in the in the power of direct feedback and would like to invite you to participate in interviews, tests, and surveys.
    To stay in the loop and never miss an opportunity to share your thoughts, please subscribe to our UX research program. If you were previously part of the Plesk UX research program, please re-subscribe to continue receiving our invitations.
  • The Horde webmail has been deprecated. Its complete removal is scheduled for April 2025. For details and recommended actions, see the Feature and Deprecation Plan.

Forwarded to devs individual domain can't use HTTPS for webmail if webmail.forceHttp=true

E

enduser

Basic Pleskian
Username:

TITLE

individual domain can't use HTTPS for webmail if webmail.forceHttp=true

PRODUCT, VERSION, OPERATING SYSTEM, ARCHITECTURE

Plesk Obsidian 18.0.48
CentOS 7

PROBLEM DESCRIPTION

Since Plesk for Windows auto redirect webmail HTTP to HTTPS by default even no SSL is installed, so we use webmail.forceHttp=true to disable such redirect.

However, if one domain customer install and set SSL for their webmail, the webmail is still HTTP. It seems that it won't update IIS when webmail.forceHttp=true .

We don't want auto redirect HTTP to HTTPS because webmail with HTTPS always shows invalid SSL error until customer install valid SSL. However using webmail.forceHttp=true that prevent any customer who want to use valid SSL for their webmail.

STEPS TO REPRODUCE

  1. Fresh install Plesk for Windows
  2. add webmail.forceHttp=true in panel.ini
  3. create a subscription
  4. in the subscription, install SSL & apply it to "SSL/TLS certificate for webmail"
  5. IIS > MailEnable WebMail > Bindings > it is still http but not https

ACTUAL RESULT

IIS bindings is still http but not https

EXPECTED RESULT

IIS bindings is https

Alternatively, referring to ChristophRo in the discussion, Plesk may abandon "webmail.forceHttp=true" and un-bundle the automatic http --> https redirect for webmail

ANY ADDITIONAL INFORMATION

Issue - individual domain can't use HTTPS for webmail if webmail.forceHttp=true

YOUR EXPECTATIONS FROM PLESK SERVICE TEAM

Confirm bug
 
Actually, this is expected behaviour. Forcing is forcing. There are no exclusions.

We would suggest either managing redirects manually or creating the corresponding feature request on Plesk UserVoice.

Note: Nowadays, it is highly recommended to use secured connections. That's why force redirection to HTTPS was implemented. Moreover, Plesk provides the possibility to issue free Let's Encrypt certificates so all domains might be secured.
 
You must log in or register to reply here.

Similar threads

E
Issue individual domain can't use HTTPS for webmail if webmail.forceHttp=true
Replies
9
Views
2K
enduser
E
L
Issue When Mail Domain SSL Renews The Cert Reverts To domain.tld
Replies
5
Views
1K
Ladylinux
L
V
Resolved Roundcube config.local.php not read
Replies
3
Views
705
Visnet
V
C
Question How can I secure my Mail with Letsencrypt next to Cloudflares Origin Certificate in Plesk?
Replies
4
Views
944
cpulove
C
T
Issue Forwarded domain can't be secured
Replies
3
Views
905
TomBoB
T
Back
Top