Question SSL - Multiple Domain

[MartinPl]

Hello everyone,


i use plesk for multiple domains on one IP. My domains and subdomain (webmail) have received a certificate from letsencrypt plugin.

How can I create for each individual mailserver a own certificate? many thanks


currently it looks like this:

https://www.domain1.com -> OK

https://webmail.domain1.com -> OK

mailserver: mail.domain1.com -> NOT OK (default certificate)

IP: 1.2.3.4


https://www.domain2.com -> OK

https://webmail.domain2.com -> OK

mailserver: mail.domain2.com -> NOT OK (default certificate)

IP: 1.2.3.4


Plesk Onyx 17.5.3

 

[mr-wolf]

A virtual hosting solution for mail services (smtp, pop, imap) is being worked on and will be made available in the next version of Plesk.

 

[MartinPl]

Hi.
When does this version appear?
Then is it possible to create for each domain a separate certificate with letsencrypt?

 

[mr-wolf]

Hi.
When does this version appear?

I don't know, someone else may answer that.

Then is it possible to create for each domain a separate certificate with letsencrypt?

Yes it does.
Personally I'm not interested in it as it will only be supported by modern mail clients that support SNI.
I have a working solution (needs a wildcard) that works for all mail clients.
As I have long-term client relationships I don't want to alter the "naming policy" every 3 or 4 years.
The one I have is future-proof AND supports older mail clients (which don't need to be that old to fail).

I also don't trust the dynamical nature of LetsEncrypt certificates for something as trivial as mail.
My clients never had to pay anything extra for suddenly having the possibility to have a https-site.
If it fails in the future I have a "decent story to tell" to explain the outage.
I can't tell a decent story if it starts to fail securing the mail.