• Our team is looking to connect with folks who use email services provided by Plesk, or a premium service. If you'd like to be part of the discovery process and share your experiences, we invite you to complete this short screening survey. If your responses match the persona we are looking for, you'll receive a link to schedule a call at your convenience. We look forward to hearing from you!
  • We are looking for U.S.-based freelancer or agency working with SEO or WordPress for a quick 30-min interviews to gather feedback on XOVI, a successful German SEO tool we’re looking to launch in the U.S.
    If you qualify and participate, you’ll receive a $30 Amazon gift card as a thank-you. Please apply here. Thanks for helping shape a better SEO product for agencies!
  • The BIND DNS server has already been deprecated and removed from Plesk for Windows.
    If a Plesk for Windows server is still using BIND, the upgrade to Plesk Obsidian 18.0.70 will be unavailable until the administrator switches the DNS server to Microsoft DNS. We strongly recommend transitioning to Microsoft DNS within the next 6 weeks, before the Plesk 18.0.70 release.
  • The Horde component is removed from Plesk Installer. We recommend switching to another webmail software supported in Plesk.

Issue SSL-certificate integration for mailserver (qmail)

M

marc5

New Pleskian
Hello dear cracks and helpful people,

I have some frustrating problems with Plesk 11.0 + Ubuntu 12.04 LTS.
Searching for a way to secure the mail-server (qmail) with a valid (bought yesterday) SSL-certificate: rapid ssl wildcard
I choosed a wildcard certificate because of the website and the e-mail security (domain and subdomains).

The support of my hoster got the some problem with their experience in such things... and provided this to me: SSL-Zertifikat unter Plesk 12.5 verwalten: So geht's | STRATO
There is nothing about the intermediate certificate mentioned ; (

Can anybody help..?

Many thanks in advance - marc

PS: We can speak german if someone does
 
Last edited:
Thanks a lot sebgonzes : )

Know it works for the website... but not for the e-mails (outlook shows allready the default certificate of parallels panel) : (
Nothing is easy...
 
Well, I am not sure that qmail (and more if it's an version from 10 years ago in plesk 11) is ready for this
 
I found something interesting about SSL-certificates and pop3 / smtp

-
Translation with google translator:
"
Every year: The SSL certificate expires. No problem per se, you can copy or create a new one via the Plesk interface.
However, Plesk also “forgets” to update the certificates for the SMTP server (qmail) and the IMAP and POP3 server (courier-imap). The certificates generated by Plesk can be found in the directory "/ usr / local / psa / var / certificates". Plesk generates all certificates with a random string. The files are then called e.g. cert-AY3mSK. It is best to look for the file date to find out the last one generated.

cp /usr/local/psa/var/certificates/cert-AY3mSK /var/qmail/control/servercert.pem
cp /usr/local/psa/var/certificates/cert-AY3mSK /usr/share/courier-imap/pop3d.pem
cp /usr/local/psa/var/certificates/cert-AY3mSK /usr/share/courier-imap/imapd.pem
service qmail restart
service courier-imap restart

Note: If you have a "real" certificate, you have to attach the certificates of the certification authority to the certificate file for qmail. Plesk stores these in another file with a random string (but of the same date):

cat /usr/local/psa/var/certificates/cert-AY3mSK > /var/qmail/control/servercert.pem
cat /usr/local/psa/var/certificates/cert-832vfh >> /var/qmail/control/servercert.pem
cp /var/qmail/control/servercert.pem /usr/share/courier-imap/pop3d.pem
cp /var/qmail/control/servercert.pem /usr/share/courier-imap/imapd.pem
service qmail restart
service courier-imap restart

Pay attention to single ">" and double ">>" redirection signs!
Before copying, make a backup copy of the relevant files!

Note 2: As Thomas notes in the comments, the rights of the certificate files must match: So with the QMail certificate user qmaild and rights 600, with the courier please look at the other files!
"
See: Plesk: SSL-Zertifikat für qmail & courier IMAP – /var/bergercity/
-
Maybe there is no possibility in the graphic user interface with the Plesk-OS for e-mail-security (Plesk 11.0 + Ubuntu 12.04 LTS)... but it seems there is a possibility with putty.

What do you think..?

Best - marc
 
You must log in or register to reply here.

Similar threads

C
Question How can I secure my Mail with Letsencrypt next to Cloudflares Origin Certificate in Plesk?
Replies
4
Views
1K
cpulove
C
L
Resolved IMAP not working with STARTTLS or SSL/TLS Mailserver Dovecot Problem
Replies
3
Views
4K
lberens
L
R
Resolved Daily mails regarding Let's Encrypt, no certificate used
Replies
1
Views
1K
ReneRoth
R
mschenk
Resolved one mailserver per IP on a dedicated server?
Replies
2
Views
1K
mschenk
mschenk
learning_curve
Resolved SSL Validation Challenges
Replies
2
Views
3K
learning_curve
learning_curve
Back
Top