Issue When Mail Domain SSL Renews The Cert Reverts To domain.tld

trialotto said:
But if you do not have such a subdomain, which setup do you use? Plesk DNS? TLSA? etc etc.
Click to expand...
Not using DANE/TLSA. DNS is managed via Plesk.

trialotto said:
In addition, do you have issues with webmail certs not renewing / not being assigned (when other parts are renewed properly)?
Click to expand...
Not really. I can't honestly remember the last time I had an issuing issue (that wasn't the result of a LE outage or some DNS misconfiguration on my end).

trialotto said:
In addition, is your checkbox (secure mail) also not active when first selecting "assign cert to the mail domain"?
Click to expand...
Yeah, the fact that (currently at least) manual interaction is required to get the mail.* subdomain included in the certificate as a SAN and get it assigned for the mail domains mail service is definitely a pity. I really wish that there was an option we (as server administrators) could enable to have this included in the issuing process by default.

I've circumvented this limitation for now by automating the initial domain certificate issuing using a custom script and the SSL it! CLI.
 
You must log in or register to reply here.

Similar threads

W
Question Wanted: Best practice for certificates (Lets Encrypt) two separate Plesk servers for www and mail
2
Replies
20
Views
6K
W4ru
W
R
Issue SSL/TLS cert for mail server not updating (Lets Encrypt)
Replies
3
Views
3K
trialotto
T
L
Issue Plesk Mail Only SSL Still Not Functioning Properly
Replies
6
Views
2K
Ladylinux
L
W
Question SSL Cert for Mail-Server
Replies
1
Views
2K
Kaspar
K
QWeb Ric
Issue Server pool SSL not showing for selection
Replies
0
Views
1K
QWeb Ric
QWeb Ric
Back
Top