• We value your experience with Plesk during 2024
    Plesk strives to perform even better in 2025. To help us improve further, please answer a few questions about your experience with Plesk Obsidian 2024.
    Please take this short survey:
    https://pt-research.typeform.com/to/AmZvSXkx
  • The Horde webmail has been deprecated. Its complete removal is scheduled for April 2025. For details and recommended actions, see the Feature and Deprecation Plan.
  • We’re working on enhancing the Monitoring feature in Plesk, and we could really use your expertise! If you’re open to sharing your experiences with server and website monitoring or providing feedback, we’d love to have a one-hour online meeting with you.

Issue Mail on Plesk, web on other provider, how do I create a correct SSL?

carlsson

carlsson

Basic Pleskian
Server operating system version
Ubuntu 20.04.6 LTS
Plesk version and microupdate number
Version 18.0.58 Update #2
Short story:
I have mail for a domain on my Plesk server.
The client bought a web production from a company that are hosting the site on kinsta.com
There is a correct certificate for the web installed, delivered by Kinsta I suppose.
How can I install a correct certificate for the mail?

Long story:
Firstly; I am not a SSL Certificate expert. I use the Lets Encrypt option built in with Plesk, and have done so the last couple of years. It works as intended. Also, I have the web hosting and email server on the same Plesk server for all my domains exept this one.
The client bought a web production from another local company, and changed the name server zone without telling me (yes, I have opinions about that, but that's another problem – now I just want to solve this for the client). It turns out that Kinsta also use _acme-challenge as the subdomain for there SSL verification, which creates problems when I try to use Lets Encrypt with Plesk.

So I guess we have to buy a certificate from another provider, just for the mail server. I have bought some certificates in the past, but I really don't have any preferences.
I am still in control of the DNS so this should be solvable, the question is how?
 
If the nameserver of this domain are with Kinsta, you're best of buying a certificate (valid for "webmail.CUSTOMERDOMAIN.TLD" as that should also automatically include CUSTOMERDOMAIN.TLD) for a couple bucks and manually renew it every year...
For the domain validation you can then select an email address that you have access to. (as DNS and HTTP Validation are not an option)

Yeah, there are still methods to use free SSL certificates with automatic renewal, even for email-only sites on Plesk and when nameservers are running somewhere else.....but a tutorial for that would be way beyond the scope of a forum post. (and also only for experienced sys-admins)
 
Thanks for the input!

The DNS is not with Kinsta, it's with the domain registrar.
I should also mention that Kinsta don't want to/can't produce a cert for nothing but the web hosting.
Free is out of the question, I understand that this comes with a price tag.
 
You must log in or register to reply here.

Similar threads

carlsson
Issue Can't issue SSL certificate!? Help!
Replies
5
Views
921
Peter Debik
P
H
Resolved Problem with install Let's Encrypt SSL/TLS certificate
Replies
6
Views
406
HungLuu
H
E
Question Secure mail protocols while website on other server (A to a different IP)
Replies
4
Views
526
easyware
E
jradzuweit
Resolved How to update Let'S Encrypt certificate with SSL It!
Replies
4
Views
386
jradzuweit
jradzuweit
P
Resolved PLESK 18.0.60 Problems to configure mails / Certificates, etc.
Replies
8
Views
840
mow
M
Back
Top