• The APS Catalog has been deprecated and removed from all Plesk Obsidian versions.
    Applications already installed from the APS Catalog will continue working. However, Plesk will no longer provide support for APS applications.
  • Please be aware: with the Plesk Obsidian 18.0.78 release, the support for the ngx_pagespeed.so module will be deprecated and removed from the sw-nginx package.

Question Let's Encrypt Extension

UweP

UweP

Regular Pleskian
With the Plesk Let's Encrypt Extension can we secure plesk and webmails automatically too? oO
 
You can secure plesk,add host name as own hosting space,than log in to and add lets encrypt SSL as you do for any domain.After that go to tool/server setting and select that SSL as plesk default ssl
 
Just to say ...you can do it even more professional..with just one more IP.Set that IP as dedicated for hostname..than add .htaccess rule to redirect IP to hostname...just in case someone go through Ip...
 
UweP said:
With the Plesk Let's Encrypt Extension can we secure plesk and webmails automatically too? oO
Click to expand...

Plesk, yes, webmail, no. You can't use let's encrypt to secure webmail. Its a nice idea, but technically impossible Here is why:

Let's Encrypt don't create wildcards, that not a Plesk issue, Let's encrypt simply don't dont do wildcards. you need a wildcard cert to use the "also secure webmail" feature.

Lets take domain example.com as example
The certificate generated bij Let's Encrypt is for example.com and www.example.com.

The webmail url is always webmail.example.com, the certificate for example.com and www.example.com will give a name mismatch error on subdomain webmail.example.com. There is no way to create a Let's Encrypt certificate for a webmail subdomain because the .well-known can not be read by Let's encrypt.

The only way to use the "also use certificate for webmail" feature, is when you buy a wildcard certificate.

regards
Jan
 
Linulex said:
The only way to use the "also use certificate for webmail" feature, is when you buy a wildcard certificate.
Click to expand...

Sorry, but this statement is incorrect. Pls. have a look at one of my previous forum posts: => #13
 
UFHH01 said:
Sorry, but this statement is incorrect. Pls. have a look at one of my previous forum posts: => #13
Click to expand...

Maybe its technically possible, but not in the real world because this must be run as root, even a user with full ssh access (/bin/bash) can't run this.

-bash-4.1$ plesk bin extension --exec letsencrypt -d linulexhosting.nl
Could not open Repository at "/etc/sw/keys": Cannot open file
Error: must run as root.
exit status 1

The whole point of plesk and something like the Let's Encrypt add-on is that users can do it them self without interference of the sys-admin.

regards
Jan
 
You must log in or register to reply here.

Similar threads

D
Question How to determine renewal period for ACME SSL?
Replies
3
Views
490
Sebahat.hadzhi
Sebahat.hadzhi
M
Question Let's encrypt certificate emails do not contain certificate details
Replies
2
Views
1K
MHC_1
M
T
Question Let's Encrypt SSL certificate issuance on new subdomain take too long
Replies
2
Views
2K
tertek
T
G
Issue Issue with duplicate SSL Certificate
Replies
9
Views
5K
Gerardo Fernandez
G
Talistech
Resolved Typo in the help section of the sslit extenion
Replies
3
Views
3K
Sebahat.hadzhi
Sebahat.hadzhi
Back
Top