• We value your experience with Plesk during 2024
    Plesk strives to perform even better in 2025. To help us improve further, please answer a few questions about your experience with Plesk Obsidian 2024.
    Please take this short survey:

    https://pt-research.typeform.com/to/AmZvSXkx
  • The Horde webmail has been deprecated. Its complete removal is scheduled for April 2025. For details and recommended actions, see the Feature and Deprecation Plan.
  • We’re working on enhancing the Monitoring feature in Plesk, and we could really use your expertise! If you’re open to sharing your experiences with server and website monitoring or providing feedback, we’d love to have a one-hour online meeting with you.

Forwarded to devs individual domain can't use HTTPS for webmail if webmail.forceHttp=true

enduser

Basic Pleskian
Username:

TITLE

individual domain can't use HTTPS for webmail if webmail.forceHttp=true

PRODUCT, VERSION, OPERATING SYSTEM, ARCHITECTURE

Plesk Obsidian 18.0.48
CentOS 7

PROBLEM DESCRIPTION

Since Plesk for Windows auto redirect webmail HTTP to HTTPS by default even no SSL is installed, so we use webmail.forceHttp=true to disable such redirect.

However, if one domain customer install and set SSL for their webmail, the webmail is still HTTP. It seems that it won't update IIS when webmail.forceHttp=true .

We don't want auto redirect HTTP to HTTPS because webmail with HTTPS always shows invalid SSL error until customer install valid SSL. However using webmail.forceHttp=true that prevent any customer who want to use valid SSL for their webmail.

STEPS TO REPRODUCE

  1. Fresh install Plesk for Windows
  2. add webmail.forceHttp=true in panel.ini
  3. create a subscription
  4. in the subscription, install SSL & apply it to "SSL/TLS certificate for webmail"
  5. IIS > MailEnable WebMail > Bindings > it is still http but not https

ACTUAL RESULT

IIS bindings is still http but not https

EXPECTED RESULT

IIS bindings is https

Alternatively, referring to ChristophRo in the discussion, Plesk may abandon "webmail.forceHttp=true" and un-bundle the automatic http --> https redirect for webmail

ANY ADDITIONAL INFORMATION

Issue - individual domain can't use HTTPS for webmail if webmail.forceHttp=true

YOUR EXPECTATIONS FROM PLESK SERVICE TEAM

Confirm bug
 
Actually, this is expected behaviour. Forcing is forcing. There are no exclusions.

We would suggest either managing redirects manually or creating the corresponding feature request on Plesk UserVoice.

Note: Nowadays, it is highly recommended to use secured connections. That's why force redirection to HTTPS was implemented. Moreover, Plesk provides the possibility to issue free Let's Encrypt certificates so all domains might be secured.
 
Back
Top