• Our team is looking to connect with folks who use email services provided by Plesk, or a premium service. If you'd like to be part of the discovery process and share your experiences, we invite you to complete this short screening survey. If your responses match the persona we are looking for, you'll receive a link to schedule a call at your convenience. We look forward to hearing from you!
  • We are looking for U.S.-based freelancer or agency working with SEO or WordPress for a quick 30-min interviews to gather feedback on XOVI, a successful German SEO tool we’re looking to launch in the U.S.
    If you qualify and participate, you’ll receive a $30 Amazon gift card as a thank-you. Please apply here. Thanks for helping shape a better SEO product for agencies!
  • The Horde webmail has been deprecated. Its complete removal is scheduled for April 2025. For details and recommended actions, see the Feature and Deprecation Plan.

Issue When Mail Domain SSL Renews The Cert Reverts To domain.tld

L

Ladylinux

Basic Pleskian
Server operating system version
Debian 11
Plesk version and microupdate number
18.0.65
Hello,

So this is a reoccurring annoyance. I have some accounts that I migrated off Cpanel and Hsphere that customers use mail.domain.tld for incoming and outgoing mail server.

I had to manually create a mail.domain.tld sub domain and then bind its cert to its mail settings.

When the domain mail.domain.tld renews for whatever reason the cert for mail.domain.tld reverts to just domain.tld

This is repeatable and results in a lot of customers complaining about cert issues

I have to go into the panel and manually apply mail settings to get the renewed SSL to bind properly to the mail.domain.tld

Mind you the panel shows the binding correctly to mail.domain.tld SSL

This obvious Kludge only exists because Plesk refuses despite many many requests to natively support mail.domain.tld SSL

plesk.uservoice.com

Issue Let's Encrypt SSL certificate for mail server when the "A" DNS record for domain is pointing to another server

This feature is required for users with the configuration when on the Plesk only mail server for domain is used. "A" DNS record for mail.example.com is pointing to Plesk server, when when "A" record for example.com is pointing to another server.
plesk.uservoice.com

So any work around to keep these mail.domain.tld ssl bound properly ?

Thanks!!

Ladylinux
 
OK,

Guess voting is a waste of time here.

plesk.uservoice.com

Add possibility issue Let's Encrypt SSL certificate for mail server when the "A" DNS record for domain is pointing to another server

This feature is required for users with the configuration when on the Plesk only mail server for domain is used. "A" DNS record for mail.example.com is pointing to Plesk server, when when "A" record for example.com is pointing to another server.
plesk.uservoice.com


Sigh,

LadyLinux
 
This is a well-known issue that has been discussed frequently on the forum. Unfortunately, it doesn't seem like a solution will be available in the near future. Hopefully, Plesk will consider addressing this at some point, as it's been a recurring request for quite some time.
 
@Ladylinux, @Maarten, thank you for bringing that up. Our team is currently working on introducing the ability to secure email-only hosting with Let’s Encrypt certificates. I do not want to provide any ETA at the moment in case something goes wrong and they need to postpone it, but it is planned for the release of the next SSL It! (+ Let’s Encrypt) version.
 
Sebahat.hadzhi said:
@Ladylinux, @Maarten, thank you for bringing that up. Our team is currently working on introducing the ability to secure email-only hosting with Let’s Encrypt certificates. I do not want to provide any ETA at the moment in case something goes wrong and they need to postpone it, but it is planned for the release of the next SSL It! (+ Let’s Encrypt) version.
Click to expand...
Thank You!!

LadyLinux
 
Hi,

This is still wacked

With a "New" mail only domain and the latest SSL It! (Version 1.16.0-4789) Lets Encrypt (3.2.9 (14 January 2025)) extensions one can not secure properly a clients mail server.

SSL binds webmail.customerdomain.tld to mail.customerdomain.tld unless you deselect "secure webmail" when issuing a ssl certificate

If you do this deselect webmail is no longer ssl protected

This is not what should happen

Sigh,

LadyLinux
 
You must log in or register to reply here.

Similar threads

W
Question Wanted: Best practice for certificates (Lets Encrypt) two separate Plesk servers for www and mail
2
Replies
20
Views
2K
W4ru
W
R
Issue SSL/TLS cert for mail server not updating (Lets Encrypt)
Replies
2
Views
2K
tessa67
T
L
Issue Plesk Mail Only SSL Still Not Functioning Properly
Replies
0
Views
146
Ladylinux
L
W
Question SSL Cert for Mail-Server
Replies
1
Views
556
Kaspar
K
QWeb Ric
Issue Server pool SSL not showing for selection
Replies
0
Views
345
QWeb Ric
QWeb Ric
Back
Top