Question SSL error when accessing mail.example.com

[spg_nueve]

Server operating system version

CentOS Linux 7.7.1908 (Core)

Plesk version and microupdate number

Plesk Obsidian 18.0.51

Hello, I have a problem with the ssl certificate of my server's domains.

When accessing through a browser to https://mail.example.com this gives me as not secure since it shows the root ssl certificate of the server (server.com)

I need that when entering https://mail.example.com the certificate is that of the domain, since all the pentesting tools give me a security alert for this issue.

The certificate assigned in the domain is a lets encrypt wildcard and is configured for both webmail and mail.

 

[Alain Ronce]

Hello,
Instead using the subdomain mail you can use webmail and configure this option for your domain.
Using all others subdomain except webmail is not possible with let's encrypt with Plesk, this is a well-known big problem, we have for example lists.example.ext and mailman.
Best Regards
AR

 

[Alain Ronce]

Hello,
Instead using the subdomain mail you can use webmail and configure this option for your domain.
Using all others subdomain except webmail is not possible with let's encrypt with Plesk, this is a well-known big problem, we have for example lists.example.ext and mailman.
Best Regards
AR

correction: "using all others subdomains..." it is, of course, possible to create a subdomain and create a certificate on it, I mean a subdomain name without creating explicitly a subdomain like lists.

 

[mow]

When accessing through a browser to https://mail.example.com this gives me as not secure since it shows the root ssl certificate of the server (server.com)

Just curious, what are you expecting to access at https://mail.example.com/?

 

[spg_nueve]

Solo por curiosidad, ¿a qué espera acceder en https://mail.example.com/?

No espero encontrar nada en mail.example.com

Esta es una preocupación causada por los auditores de seguridad, al encontrar el subdominio sin ssl obtenemos una falla de seguridad.

 

[Kaspar]

The mail prefix of a domain isn't secured by any SSL certificate. Instead you can either use the domain itself (example.com) or the full host name of your server for secured email connections (IMAP/POP/SMTP).