my own certificate for plesk webmail

[LucaRizzuti]

Hello

i want use my own self signed certificate for plesk webmail on
a domain i have created.
This is the actual situation:
i have created the domain mydomain.com
than the email [email protected].
I have accessed http://webmail.mydomain.com and all seems to work
than i try https://webmail.mydomain.com and work ok (except for nginx bug).
At this point i make and installed a self signed certificate in the plesk panel for
webmail.mydomain.com.

But....

Plesk configure apache for the originale plesk self created certificate and not
the new one i have created.

The question...

is: there is a plesk way to tell apache "Use the certificate i have created for the webmail.mydomain.com"?

Obviously in Plesk web panel i can't find any mention to the domain webmail.mydomain.com
to set the correct certificate.

Best regards

Luca Rizzuti

 

[abdi]

There is already an active thread here on how to do that ...do a little search.

 

[LucaRizzuti]

Hello Abdi, thank you for your reply

i have done some search for webmail+ssl and webmail+https,
the only thread discussing problem like my one is:
http://forum.parallels.com/showthread.php?t=261901

but is not my specific use case, the final result i want is ~20 domains with 3rd level webmail and one
SSL certificate for each of them.

 

[Faris Raouf]

I can see that https://webmail.any-domain.com is using a default Plesk self-signed certificate and not the certificate installed via plesk to protect the panel itself. I had never noticed this until now.

Take a look at /usr/local/psa/admin/conf/generated/1234567890.0987654321_horde.include (your numbers will be different -- but you'll find the file).

This is the file containing the horde apache configuration.

In there you will see a couple of lines like this:

SSLCertificateFile "/usr/local/psa/var/certificates/certHabcdefg"
(the "H" in "certH" is for horde, I think, as all the others are Cert-something rather than CertHsomething).

That certificate file is the one that will be used by horde.

Back that file up, then replace it with your complete self-signed certificate, consiting of the private key and certificate pasted one after the other. Restart apache.

See if that works.

WARNING: I've not tried this myself, but it seems logical that it should work.

See Abdi's post #6 in the thread he pointed to.

Faris.

 

[LucaRizzuti]

I will try your solution,
but i think it is right for one domain only.
If i add 2 or more domains to my server the webmail parts are
a server alias for the same apache virtual host.

I have not one horde config file for each domain, but a
single /opt/psa/admin/conf/webmail_horde_bootstrap.conf
with one include for each domain.

Include '/opt/psa/admin/conf/generated/13542747930.73994800_provadomain1_com_webmail.include'
Include '/opt/psa/admin/conf/generated/13543005340.00264800_provadomain2_com_webmail.include'

the included files contain a single server alias directive for apache

ServerAlias "webmail.provadomain1.com" for the first
and
ServerAlias "webmail.provadomain2.com" for the second

Without a dedicated virtualhost for each webmail i can't use a dedicated certificate for each domain.

I think i must disable webmail by plesk and make a webmail by my self.

 

[Faris Raouf]

Ah. You want a different certificate for each webmail.domain.tld? OK.

Yes, I think you'd need to do things differently to achieve that - something like you suggest should work