Hello, One of my clients is not able to access his email via imap-ssl from his mail client because of the self signed certificate. When he accesses the mail server (on plesk), a bypass self-signed certificate window is popping up. I think his client is Windows Live Mail. Anyway i decided to purchase a comodo ssl to fix this. The problem is i really have no idea how to do so. i've purchased the ssl but have not yet requested generation. If i create a csr for a mail.domain.ltd, and i use plesk to install it i think it will only be available for apache and it will require a dedicated IP address (or not via SNI). But for the courier-imap i would have to edit the TLS_CERTFILE entry on /etc/courier-imap/imapd-ssl and pop3d-ssl . And my question is, would this be at all possible? Assigning a CERTFILE will assign it to the whole mailing system, not just for one client. Even if i could, which is very difficult, to get another ip address on plesk just for this cause, how could i setup courier to serve the certificate only for one client? Thank you in advance.