• Hi, Pleskians! We are running a UX testing of our upcoming product intended for server management and monitoring.
    We would like to invite you to have a call with us and have some fun checking our prototype. The agenda is pretty simple - we bring new design and some scenarios that you need to walk through and succeed. We will be watching and taking insights for further development of the design.
    If you would like to participate, please use this link to book a meeting. We will sent the link to the clickable prototype at the meeting.
  • (Plesk for Windows):
    MySQL Connector/ODBC 3.51, 5.1, and 5.3 are no longer shipped with Plesk because they have reached end of life. MariaDB Connector/ODBC 64-bit 3.2.4 is now used instead.
  • The Horde webmail has been deprecated. Its complete removal is scheduled for April 2025. For details and recommended actions, see the Feature and Deprecation Plan.

Issue When Mail Domain SSL Renews The Cert Reverts To domain.tld

L

Ladylinux

New Pleskian
Server operating system version
Debian 11
Plesk version and microupdate number
18.0.65
Hello,

So this is a reoccurring annoyance. I have some accounts that I migrated off Cpanel and Hsphere that customers use mail.domain.tld for incoming and outgoing mail server.

I had to manually create a mail.domain.tld sub domain and then bind its cert to its mail settings.

When the domain mail.domain.tld renews for whatever reason the cert for mail.domain.tld reverts to just domain.tld

This is repeatable and results in a lot of customers complaining about cert issues

I have to go into the panel and manually apply mail settings to get the renewed SSL to bind properly to the mail.domain.tld

Mind you the panel shows the binding correctly to mail.domain.tld SSL

This obvious Kludge only exists because Plesk refuses despite many many requests to natively support mail.domain.tld SSL

plesk.uservoice.com

Issue Let's Encrypt SSL certificate for mail server when the "A" DNS record for domain is pointing to another server

This feature is required for users with the configuration when on the Plesk only mail server for domain is used. "A" DNS record for mail.example.com is pointing to Plesk server, when when "A" record for example.com is pointing to another server.
plesk.uservoice.com

So any work around to keep these mail.domain.tld ssl bound properly ?

Thanks!!

Ladylinux
 
OK,

Guess voting is a waste of time here.

plesk.uservoice.com

Add possibility issue Let's Encrypt SSL certificate for mail server when the "A" DNS record for domain is pointing to another server

This feature is required for users with the configuration when on the Plesk only mail server for domain is used. "A" DNS record for mail.example.com is pointing to Plesk server, when when "A" record for example.com is pointing to another server.
plesk.uservoice.com


Sigh,

LadyLinux
 
This is a well-known issue that has been discussed frequently on the forum. Unfortunately, it doesn't seem like a solution will be available in the near future. Hopefully, Plesk will consider addressing this at some point, as it's been a recurring request for quite some time.
 
@Ladylinux, @Maarten, thank you for bringing that up. Our team is currently working on introducing the ability to secure email-only hosting with Let’s Encrypt certificates. I do not want to provide any ETA at the moment in case something goes wrong and they need to postpone it, but it is planned for the release of the next SSL It! (+ Let’s Encrypt) version.
 
Sebahat.hadzhi said:
@Ladylinux, @Maarten, thank you for bringing that up. Our team is currently working on introducing the ability to secure email-only hosting with Let’s Encrypt certificates. I do not want to provide any ETA at the moment in case something goes wrong and they need to postpone it, but it is planned for the release of the next SSL It! (+ Let’s Encrypt) version.
Click to expand...
Thank You!!

LadyLinux
 
Hi,

This is still wacked

With a "New" mail only domain and the latest SSL It! (Version 1.16.0-4789) Lets Encrypt (3.2.9 (14 January 2025)) extensions one can not secure properly a clients mail server.

SSL binds webmail.customerdomain.tld to mail.customerdomain.tld unless you deselect "secure webmail" when issuing a ssl certificate

If you do this deselect webmail is no longer ssl protected

This is not what should happen

Sigh,

LadyLinux
 
You must log in or register to reply here.

Similar threads

W
Question Wanted: Best practice for certificates (Lets Encrypt) two separate Plesk servers for www and mail
2
Replies
20
Views
1K
W4ru
W
R
Issue SSL/TLS cert for mail server not updating (Lets Encrypt)
Replies
2
Views
2K
tessa67
T
W
Question SSL Cert for Mail-Server
Replies
1
Views
428
Kaspar
K
QWeb Ric
Issue Server pool SSL not showing for selection
Replies
0
Views
266
QWeb Ric
QWeb Ric
futureweb
Question Issues with SSL Certificate Renewal for Mail Services in Plesk: Seeking Automated Solution via CLI or API
Replies
8
Views
2K
futureweb
futureweb
Back
Top