• Our team is looking to connect with folks who use email services provided by Plesk, or a premium service. If you'd like to be part of the discovery process and share your experiences, we invite you to complete this short screening survey. If your responses match the persona we are looking for, you'll receive a link to schedule a call at your convenience. We look forward to hearing from you!
  • We are looking for U.S.-based freelancer or agency working with SEO or WordPress for a quick 30-min interviews to gather feedback on XOVI, a successful German SEO tool we’re looking to launch in the U.S.
    If you qualify and participate, you’ll receive a $30 Amazon gift card as a thank-you. Please apply here. Thanks for helping shape a better SEO product for agencies!
  • The BIND DNS server has already been deprecated and removed from Plesk for Windows.
    If a Plesk for Windows server is still using BIND, the upgrade to Plesk Obsidian 18.0.70 will be unavailable until the administrator switches the DNS server to Microsoft DNS. We strongly recommend transitioning to Microsoft DNS within the next 6 weeks, before the Plesk 18.0.70 release.
  • The Horde component is removed from Plesk Installer. We recommend switching to another webmail software supported in Plesk.

Issue Mail on Plesk, web on other provider, how do I create a correct SSL?

carlsson

carlsson

Basic Pleskian
Server operating system version
Ubuntu 20.04.6 LTS
Plesk version and microupdate number
Version 18.0.58 Update #2
Short story:
I have mail for a domain on my Plesk server.
The client bought a web production from a company that are hosting the site on kinsta.com
There is a correct certificate for the web installed, delivered by Kinsta I suppose.
How can I install a correct certificate for the mail?

Long story:
Firstly; I am not a SSL Certificate expert. I use the Lets Encrypt option built in with Plesk, and have done so the last couple of years. It works as intended. Also, I have the web hosting and email server on the same Plesk server for all my domains exept this one.
The client bought a web production from another local company, and changed the name server zone without telling me (yes, I have opinions about that, but that's another problem – now I just want to solve this for the client). It turns out that Kinsta also use _acme-challenge as the subdomain for there SSL verification, which creates problems when I try to use Lets Encrypt with Plesk.

So I guess we have to buy a certificate from another provider, just for the mail server. I have bought some certificates in the past, but I really don't have any preferences.
I am still in control of the DNS so this should be solvable, the question is how?
 
If the nameserver of this domain are with Kinsta, you're best of buying a certificate (valid for "webmail.CUSTOMERDOMAIN.TLD" as that should also automatically include CUSTOMERDOMAIN.TLD) for a couple bucks and manually renew it every year...
For the domain validation you can then select an email address that you have access to. (as DNS and HTTP Validation are not an option)

Yeah, there are still methods to use free SSL certificates with automatic renewal, even for email-only sites on Plesk and when nameservers are running somewhere else.....but a tutorial for that would be way beyond the scope of a forum post. (and also only for experienced sys-admins)
 
Thanks for the input!

The DNS is not with Kinsta, it's with the domain registrar.
I should also mention that Kinsta don't want to/can't produce a cert for nothing but the web hosting.
Free is out of the question, I understand that this comes with a price tag.
 
You must log in or register to reply here.

Similar threads

L
Issue Plesk Mail Only SSL Still Not Functioning Properly
Replies
2
Views
222
alvarezcruz
alvarezcruz
W
Question SSL Cert for Mail-Server
Replies
1
Views
588
Kaspar
K
C
Resolved Plesk mail SSL certificates invalid, common name problems (websites fine)
Replies
4
Views
625
Chucky_213123
C
carlsson
Issue Can't issue SSL certificate!? Help!
Replies
5
Views
1K
Peter Debik
P
V
Issue Plesk SSL certificate clear
Replies
1
Views
351
Sebahat.hadzhi
Sebahat.hadzhi
Back
Top