• If you are still using CentOS 7.9, it's time to convert to Alma 8 with the free centos2alma tool by Plesk or Plesk Migrator. Please let us know your experiences or concerns in this thread:
    CentOS2Alma discussion

Issue SSL-certificate integration for mailserver (qmail)

M

marc5

New Pleskian
Hello dear cracks and helpful people,

I have some frustrating problems with Plesk 11.0 + Ubuntu 12.04 LTS.
Searching for a way to secure the mail-server (qmail) with a valid (bought yesterday) SSL-certificate: rapid ssl wildcard
I choosed a wildcard certificate because of the website and the e-mail security (domain and subdomains).

The support of my hoster got the some problem with their experience in such things... and provided this to me: SSL-Zertifikat unter Plesk 12.5 verwalten: So geht's | STRATO
There is nothing about the intermediate certificate mentioned ; (

Can anybody help..?

Many thanks in advance - marc

PS: We can speak german if someone does
 
Last edited:
Thanks a lot sebgonzes : )

Know it works for the website... but not for the e-mails (outlook shows allready the default certificate of parallels panel) : (
Nothing is easy...
 
Well, I am not sure that qmail (and more if it's an version from 10 years ago in plesk 11) is ready for this
 
I found something interesting about SSL-certificates and pop3 / smtp

-
Translation with google translator:
"
Every year: The SSL certificate expires. No problem per se, you can copy or create a new one via the Plesk interface.
However, Plesk also “forgets” to update the certificates for the SMTP server (qmail) and the IMAP and POP3 server (courier-imap). The certificates generated by Plesk can be found in the directory "/ usr / local / psa / var / certificates". Plesk generates all certificates with a random string. The files are then called e.g. cert-AY3mSK. It is best to look for the file date to find out the last one generated.

cp /usr/local/psa/var/certificates/cert-AY3mSK /var/qmail/control/servercert.pem
cp /usr/local/psa/var/certificates/cert-AY3mSK /usr/share/courier-imap/pop3d.pem
cp /usr/local/psa/var/certificates/cert-AY3mSK /usr/share/courier-imap/imapd.pem
service qmail restart
service courier-imap restart

Note: If you have a "real" certificate, you have to attach the certificates of the certification authority to the certificate file for qmail. Plesk stores these in another file with a random string (but of the same date):

cat /usr/local/psa/var/certificates/cert-AY3mSK > /var/qmail/control/servercert.pem
cat /usr/local/psa/var/certificates/cert-832vfh >> /var/qmail/control/servercert.pem
cp /var/qmail/control/servercert.pem /usr/share/courier-imap/pop3d.pem
cp /var/qmail/control/servercert.pem /usr/share/courier-imap/imapd.pem
service qmail restart
service courier-imap restart

Pay attention to single ">" and double ">>" redirection signs!
Before copying, make a backup copy of the relevant files!

Note 2: As Thomas notes in the comments, the rights of the certificate files must match: So with the QMail certificate user qmaild and rights 600, with the courier please look at the other files!
"
See: Plesk: SSL-Zertifikat für qmail & courier IMAP – /var/bergercity/
-
Maybe there is no possibility in the graphic user interface with the Plesk-OS for e-mail-security (Plesk 11.0 + Ubuntu 12.04 LTS)... but it seems there is a possibility with putty.

What do you think..?

Best - marc
 
You must log in or register to reply here.

Similar threads

L
Resolved IMAP not working with STARTTLS or SSL/TLS Mailserver Dovecot Problem
Replies
3
Views
2K
lberens
L
learning_curve
Resolved SSL Validation Challenges
Replies
2
Views
2K
learning_curve
learning_curve
Back
Top