Skip to content

I suggest you...

← Feature Suggestions

Let's Encrypt: separate cert for webmail (without main domain in SAN)

We have a setup where webmail.example.com and example.com point to another server than our Plesk instance. Because of this we can't enable Let's Encrypt on Webmail since the CSR contains webmail.example.com and example.com.
So I hope you consider adding an option to only create webmail.example.com (without SAN example.com)

128 votes

We're glad you're here

Please sign in to leave feedback
Signed in as (Sign out)
Close
Close

We’ll send you updates on this idea

Nico shared this idea  ·   ·  Report…  ·  Admin →

We're glad you're here

Please sign in to leave feedback
Signed in as (Sign out)
Close
Close
Submitting...
An error occurred while saving the comment
  • Robin Labadie commented  ·   ·  Report

    Good question @FutureX, I do believe 1.4 < 1.15 though. So this has been introduced a while ago.

    However feedback says it works only when nginx is present on the server. Pure Apache don't benefit from it. That's a bummer.

  • FutureX commented  ·   ·  Report

    We're on SSL It! 1.15.5-4063.

    Plesk automatically updates the extensions, how would we update to 1.4.0?

  • FutureX commented  ·   ·  Report

    Yes vital functionality as stated below. We have clients who are hosting their website on other platforms but keeping their email with us. We generally manually create a mail. subdomain and secure that but can't create a webmail. subdomain so it creates problems.

    Not to mention we have to manually set this up every time and webmail is not secured.

  • Plesk Tech Support commented  ·   ·  Report

    For now, it is possible to configure HTTPS redirect for webmail if domain itself is secured with LE certificate as described here https://plesk.uservoice.com/forums/184549-feature-suggestions/suggestions/31900489-redirect-from-http-to-https-for-secured-webmails

    However, if the domain has "No hosting" type, it is not possible to secure webmail separately. I can see the feature request for this https://plesk.uservoice.com/forums/184549-feature-suggestions/suggestions/20093866

    However, I would like to add one more ability - ability to configure HTTPS redirect for webmail separately, when domain has "No hosting" type.

  • Alexandre Féron commented  ·   ·  Report

    This is definitely a must-have in the current times : a lot of us have separate servers for WEB and for MAIL.

  • Tom commented  ·   ·  Report

    We'd love to see this feature for our Plesk servers. It's quite the mandatory feature, as it's needed more and more. We really dislike to have to say "no" to our customers.

  • Anonymous commented  ·   ·  Report

    Please do this,a lot of clients have external web sites and I am lost, can't issue SSL when website is hosted outside plesk, can't even force the system to use DNS challenge instead of web site challenge, can you help?

  • Carsten commented  ·   ·  Report

    We are hosting our platform on aws and our mail server on a different hosting with plesk (strato, Germany). So we also highly need a solution or a work around , to apply LE in this setup.

  • Alexander Koch commented  ·   ·  Report

    As a workround for roundcube:

    1. Copy /usr/local/psa/admin/conf/templates/default/webmail/roundcube.php -> /usr/local/psa/admin/conf/templates/custom/webmail/roundcube.php
    2. Edit the custom roundcube.php -> Append following Line under Alias /roundcube/ :
    Alias /.well-known/acme-challenge "/var/www/vhosts/default/htdocs/.well-known/acme-challenge"
    3. plesk sbin httpdmng --reconfigure-all
    4. Add Subdomain webmail.domain.tld
    5. Secure this Subdomain with Let`s Encrypt
    6. Click SSL on the Maindomain, click Advanced Settings and secure webmail with the certificate from the Subdomain

    And thats all, i hope this helps.

    Greetz Alex

  • Gianluca DB commented  ·   ·  Report

    We have customers with their domain's websites in one server and mail service of the same domain in another server, we need this feature please.

  • Robin commented  ·   ·  Report

    Feature is much needed. We need to be able to secure a webmail even when the domain is not hosted on the server, or when the web hosting is disabled. We need as well, in Obsidian, to be able to generate an email server only certificate.

    This request is quite related to https://plesk.uservoice.com/forums/184549-feature-suggestions/suggestions/18989752-ssl-cert-for-a-domain-frame-forwarder
    If you allow generating a certificate for frame forwarder domains, then it should resolve this issue as well.

    Plesk, we're not in 1999, SSL/TLS should be anywhere, whenever possible... We're paying premium, then please, serve premium service.

  • Anonymous commented  ·   ·  Report

    Please implement this. To manually copy certs and keys is very annoying

  • Riccardo commented  ·   ·  Report

    I agree with the necessity and urgency to implement this functionality. Thank you

  • TomBob commented  ·   ·  Report

    We got lots clients, email hosting with us, sites eventually wix, webbly, online services. Can't do what we need to do with Plesk & lets encrypt easily. Always have to load webmail certs separately. Not user- & admin friendly.

  • Dirk Spahn commented  ·   ·  Report

    Would be great to add a Let's Encrypt certificate for a webmail-subdomain without having the www-website on the same machine. Are there any plans to get that feature soon?

  • John Shiells commented  ·   ·  Report

    can we get an update on when this will be working please?

    i think this should be considered a BUG instead of a feature request.

  • Anonymous commented  ·   ·  Report

    Yes, it is a big problem when the web site is using an external CDN or Firewall too - we have customers using Cloudflare or Sucuri WAF and can not secure their webmail URL.. Please work with LE to enable this, thank you.
    /Fran

← Previous 1

Feature Suggestions: Web / SSL

Categories

Feedback and Knowledge Base

(thinking…)