Lets Encrypt Certificate for Mailserver and Webmail.
As descriebed earlier
Fully completed since SSL It! 1.2.0: https://ext.plesk.com/packages/3c4117f6-c05c-4d3b-9173-60f10096a9c4-sslit
Note that SNI for Mail is available since Plesk Obsidian, and only for MailEnable and Postfix+Dovecot (at that old OSes aren’t supported).
Webmail securing is available since Plesk Onyx.
It would be nice to have the ability to install an Lets Encrypt SSL certificate even 4 the standard email subdomains (pop, pop3, imap, imap4, smtp)
Yes! For me it would be important to have this feature too (https only & webmail without hosting).
Thanks for implement it soon!
I also need Let's Encrypt certificate with webmail service only.
Please add also checkbox for webmail with https only.
Manfred Warta commented
When a customers domain is configured without hosting (he only uses mailservices) there is no way to get the Let's Encrypt certificate for the webmail service.
Additionaly it would be very very good to have a checkbox like in the hosting settings to force webmail will always be https :-)
Mailserver cert generation is still missing.
We stll have to use the workarround with subdomain and aliases.
I've given up with Plesk and gone elsewhere now as I need the ability for sub-domains to use LE and Plesk simply aren't delivering.
Webmail is now supported in version 2.1 (https://github.com/plesk/letsencrypt-plesk/issues/37)
Unfortunately mailserver (https://github.com/plesk/letsencrypt-plesk/issues/64) and mailman interface (https://github.com/plesk/letsencrypt-plesk/issues/169) not!
I have noticed from a recent upgrade of your Lets-Encrypt plugin (2.0) that you now support aliases. Surely this was less important than supporting sub domains? Is there any reason why this was introduced prior to sub-domain implementation?
If I read correctly the extension now allows securing Plesk itself via a certificate from LE. And as far as I know the cert. for webmail and Plesk is identical.
G J Piper commented
We need to make sure the Plesk plugin will allow Let's Encrypt to be used with webmail.domans.tld even when the domain is not hosting a website — only email/webmail.
Please also patch this into the next release of the plugin:
AmaZili Communication commented
@plesk Can we have a planned release date?
Everybody need sub domains (93 voted) (see https://plesk.uservoice.com/forums/184549-feature-suggestions/suggestions/11283315-add-subdomains-in-one-let-s-encrypt-certificate ) dnd aliases (271 voted) (see https://plesk.uservoice.com/forums/184549-feature-suggestions/suggestions/15013254-let-s-encrypt-add-domain-aliases?page=4&per_page=20 ).
When you add all requests here and there about enhancing the LE support, its today more than 460 people shouting in the desert...
In addition, we definitely need solution to manage mail servers properly with multiple domains on the same server and proper secure mail connection transport.
This is not a wish, it is mandatory.
SSL /Let's Encrypt/ function for webmail.domain.tld
I'm going to try and post here, but the last two or three times I've tried for some unknown reason, the post always disappears.
Anyway, as of now there is no way to add a certificate to webmail as you can not create your own subdomain called webmail.<domain> as it just tells you that's reserved. All I can suggest is that you set your webmail to the standard HTTP protocol and wait for the "fix" to be implemented.
Is there any reason why your mail clients are using webmail to connect and not using the MX server, or did I read that wrong?
I did try putting forward a suggestion for this process to be sorted along with any other subdomains you wanted and that is to create an array of prefixes which are all included within the certificate. So for arguments sake, you will have a simple space separated text box (or even a textarea with one prefix per line) which would have something like...
for a text box:
webmail sub1 sub2 devices whateveryouwant
for a textarea:
This way users can include whichever subdomain they wish and without the need for Plesk to include "generic" ones. It could simply replace the current "include www as an alternative" check box when you create a Let's Encrypt certificate..
I hope this has formatted correctly but I'm having issues with starting a new paragraph ;) Shift+Enter isn't it?
Any updates? Have just upgraded to Onyx and my mail server setup for multiple domains Plesk is now a nightmare with hostname mismatch errors and invalid certificate errors when mail clients try to connect. Is there a good tutorial guiding us on how to set this up so the certificates on each domain's webmail don't throw errors?
I need this now! Please :/
Marco van Wyngaarden commented
Lets hope it will be fixed asap so we can use correct SSL certs for Webmail access
to have the lets encrypt cert available for the webmail subdomain for horde/roundcube would be great.
Currently, although it can be chosen, it doesn't work.
Eric Oxenberg commented
This feature SEEMS to have been added to Onyx, but the feature is broken. When you assign a Let'sEncrypt SSL to a domain via the plugin or in the mail module, there is a button or checkbox that says "add to webmail" but when activated, webmail is still not locked.