I suggest you ...

← Feature Suggestions

Lets Encrypt Certificate for Mailserver and Webmail.

As descriebed earlier

433 votes
Sign in
(thinking…)
Sign in with: Facebook Google
Forgot password?
Create a password
Signed in as (Sign out)
Close
Close

We’ll send you updates on this idea

Anonymous shared this idea  ·   ·  Flag idea as inappropriate…  ·  Admin →
started  ·  AdminPlesk Staff (Community Manager, Plesk International GmbH) responded  · 

Let’s Encrypt 2.1.0 extension with Webmail support is now available!

https://ext.plesk.com/packages/f6847e61-33a7-4104-8dc9-d26a0183a8dd-letsencrypt

We would love to hear your feedback on our forum at http://talk.plesk.com. We’d like to thank everyone who commented on this request and provided invaluable feedback. Thanks!

PS: about Mailserver support – we have it in our plans.

Show previous admin responses (1)

45 comments

Sign in
(thinking…)
Sign in with: Facebook Google
Forgot password?
Create a password
Signed in as (Sign out)
Close
Close
Submitting...
An error occurred while saving the comment
  • Anonymous commented  ·   ·  Flag as inappropriate

    Yes! For me it would be important to have this feature too (https only & webmail without hosting).
    Thanks for implement it soon!

  • Wack commented  ·   ·  Flag as inappropriate

    I also need Let's Encrypt certificate with webmail service only.
    Please add also checkbox for webmail with https only.
    Thanks

  • Manfred Warta commented  ·   ·  Flag as inappropriate

    When a customers domain is configured without hosting (he only uses mailservices) there is no way to get the Let's Encrypt certificate for the webmail service.

    Additionaly it would be very very good to have a checkbox like in the hosting settings to force webmail will always be https :-)

  • DerDanilo commented  ·   ·  Flag as inappropriate

    Mailserver cert generation is still missing.
    We stll have to use the workarround with subdomain and aliases.

  • Chris Pettet commented  ·   ·  Flag as inappropriate

    I've given up with Plesk and gone elsewhere now as I need the ability for sub-domains to use LE and Plesk simply aren't delivering.

  • Chris Pettet commented  ·   ·  Flag as inappropriate

    I have noticed from a recent upgrade of your Lets-Encrypt plugin (2.0) that you now support aliases. Surely this was less important than supporting sub domains? Is there any reason why this was introduced prior to sub-domain implementation?

  • King555 commented  ·   ·  Flag as inappropriate

    If I read correctly the extension now allows securing Plesk itself via a certificate from LE. And as far as I know the cert. for webmail and Plesk is identical.

  • G J Piper commented  ·   ·  Flag as inappropriate

    We need to make sure the Plesk plugin will allow Let's Encrypt to be used with webmail.domans.tld even when the domain is not hosting a website — only email/webmail.

  • AmaZili Communication commented  ·   ·  Flag as inappropriate

    @plesk Can we have a planned release date?

    Everybody need sub domains (93 voted) (see https://plesk.uservoice.com/forums/184549-feature-suggestions/suggestions/11283315-add-subdomains-in-one-let-s-encrypt-certificate ) dnd aliases (271 voted) (see https://plesk.uservoice.com/forums/184549-feature-suggestions/suggestions/15013254-let-s-encrypt-add-domain-aliases?page=4&per_page=20 ).

    When you add all requests here and there about enhancing the LE support, its today more than 460 people shouting in the desert...
    In addition, we definitely need solution to manage mail servers properly with multiple domains on the same server and proper secure mail connection transport.

    This is not a wish, it is mandatory.

  • Chris Pettet commented  ·   ·  Flag as inappropriate

    I'm going to try and post here, but the last two or three times I've tried for some unknown reason, the post always disappears.

    Anyway, as of now there is no way to add a certificate to webmail as you can not create your own subdomain called webmail.<domain> as it just tells you that's reserved. All I can suggest is that you set your webmail to the standard HTTP protocol and wait for the "fix" to be implemented.

    Is there any reason why your mail clients are using webmail to connect and not using the MX server, or did I read that wrong?

    I did try putting forward a suggestion for this process to be sorted along with any other subdomains you wanted and that is to create an array of prefixes which are all included within the certificate. So for arguments sake, you will have a simple space separated text box (or even a textarea with one prefix per line) which would have something like...

    for a text box:
    webmail sub1 sub2 devices whateveryouwant

    for a textarea:
    webmail
    sub1
    sub2
    devices
    whateveryouwant

    This way users can include whichever subdomain they wish and without the need for Plesk to include "generic" ones. It could simply replace the current "include www as an alternative" check box when you create a Let's Encrypt certificate..

    I hope this has formatted correctly but I'm having issues with starting a new paragraph ;) Shift+Enter isn't it?

  • Lee commented  ·   ·  Flag as inappropriate

    Any updates? Have just upgraded to Onyx and my mail server setup for multiple domains Plesk is now a nightmare with hostname mismatch errors and invalid certificate errors when mail clients try to connect. Is there a good tutorial guiding us on how to set this up so the certificates on each domain's webmail don't throw errors?

  • TomBob commented  ·   ·  Flag as inappropriate

    to have the lets encrypt cert available for the webmail subdomain for horde/roundcube would be great.
    Currently, although it can be chosen, it doesn't work.

  • Eric Oxenberg commented  ·   ·  Flag as inappropriate

    This feature SEEMS to have been added to Onyx, but the feature is broken. When you assign a Let'sEncrypt SSL to a domain via the plugin or in the mail module, there is a button or checkbox that says "add to webmail" but when activated, webmail is still not locked.

  • Rob Nester commented  ·   ·  Flag as inappropriate

    to add to this:
    I currently have the following implemented on a manually managed server with Let's Encrypt and this this implementation would benefit others:

    I have a single Let's Encrypt cert which is used for postfix. For each domain that I host, I add the mail server as a SAN to this certificate. In this way, i can allow all domains to connect to their respective mail.<domain>.<tld> and get no issues with mismatches.

    I think that this idea is easily extendable to add the "standard" mail subdomains (pop, pop3, imap, imap4, smtp) in a similar fashion.

    Hopefully this will be similar to the final implementation as I would guess that there are a number of folks who use Plesk to host multiple domains who have customers who don't really enjoy the use of a mail server which doesn't match their domain.

2

Feature Suggestions: Security

Categories

Feedback and Knowledge Base

(thinking…)