• We value your experience with Plesk during 2024
    Plesk strives to perform even better in 2025. To help us improve further, please answer a few questions about your experience with Plesk Obsidian 2024.
    Please take this short survey:

    https://pt-research.typeform.com/to/AmZvSXkx
  • The Horde webmail has been deprecated. Its complete removal is scheduled for April 2025. For details and recommended actions, see the Feature and Deprecation Plan.
  • We’re working on enhancing the Monitoring feature in Plesk, and we could really use your expertise! If you’re open to sharing your experiences with server and website monitoring or providing feedback, we’d love to have a one-hour online meeting with you.

Resolved the SSL certificate for mailman

tkalfaoglu

Silver Pleskian
Server operating system version
Alma Linux
Plesk version and microupdate number
Obsidian
Hi.. assume domain.com is our default domain for the server. I generated some certificates for it with Lets Encrypt, and eventually created a wildcard certificate and *.domain.com is using it.
When I try to logon to https://lists.domain.com it gives a warning -- saying that the certificate is only for panel.domain.com and not for lists.domain.com - although as I mentioned, the domain.com is using a wildcard certificate right now..

I tried various things, including setting that certificate as default in the IP Addresses setting, and even creating a
/usr/local/psa/admin/conf/templates/custom/server/mailman.php file to specify a specific certificate:

SSLEngine on
SSLVerifyClient none
SSLCertificateFile "/usr/local/psa/var/certificates/scfoHoWU1"

... but this is ignored, even after PLESK REPAIR WEB domain.com .. When visiting https://lists.domain.com I still get a warning that the certificate is only for panel.domain.com

So, how can I fix the mailman https problem?
 
PS: The above SSLCertificateFile "/usr/local/psa/var/certificates/scfoHoWU1" is the wildcard certificate that Lets Encrypted created for *.domain.com -- I found it by grepping among the certificates in that directory
 
Btw, the custom template file seems to be ignored.
Also, trying to pick a certificate from the pull down list gives "there are 109 more items" blurb after a few items listed. So I cannot pick the correct certificate there.
 
The "there are 109 more items" problem happens in the:

Secure Mail Server​

Select a certificate for securing the mail server.

Select Certificate *

blurb.. it won't let me pick the wildcard certificate..
 
SOLVED the last item - picking the correct sertificate for SECURE MAIL SERVER prompt. apparently you can just write -- don't need the pull down list. I wrote and picked the correct wildcard cert.. but still the mailman problem continues.. bad certificate..
 
Yes, it seems that Apache/Nginx ignore the wildcard certificate for *.domain.com in case domain.com is part of a subscription and when I try to access lists.domain.com.
@IgorG any workaround here?
 
What keeps you from issueing it?
There isn't any component designation when you issue a wildcard LE certificate within Plesk. This needs to be setup by Plesk so that we can use that for the lists. If there is another way, I'm open to hear it.
 
Back
Top