We have a few customers that for one reason or another we don't host the website on the Plesk server, but still host DNS and email. There is no easy way to have a mail.<domain> SSL certificate generated by Let's Encrypt like it can for webmail.<domain>. I'd like to see mail.<domain> be an option for SSL generation so that mail clients can connect securely to the mail server and not have to explain to them about using 'webmail.<domain>'.

Any update on this? cPanel does it well, but not Plesk? WhY?

Hi,

is this feature not available in PLESK at the moment? Definitely necessary!

This is absolutely essential. Configuring domains solely for email services on Plesk can be quite cumbersome. To maintain SSL certificates, you have to create subdomains like "mail.domain.com", and the renewal process sometimes fails, which complicates things further.

cPanel has been able to do this for years using DNS challenges. Now, trying to migrate all of our clients to Plesk is becoming a challenge. We don't have a huge amount of email only clients but our resellers do, we'll definitely hear it from them.

This has been a request on this site since beginning of 2020, so over 4 years ago. Since every browser and email program requires SSLs, why hasn't this moved up the list yet?

Very frustrating, this should be a critical feature to be implemented...

Now that Mailman3 is supported on Debian 12, can you also add the ability for adding a Let's Encrypt SSL certificate for the list subdomain when the domain is not pointing to the Plesk server?

I've made a small Script to work around this issue. Should be pretty self explanatory and easily adjustable to custom needs - hope it helps some of you as Plesk isn't going to fix anything soon as it seems ... 🙄

https://github.com/futureweb/Plesk-Postfix-SNI-TLS-Cert-Fixer

This function is critical for us and probably a reason to move to cPanel.

Here is my temporary solution for it:
https://gitlab.com/nixoeen/plesk-mail-sni

Is this a joke? This makes no sense that this problem persists!

That means we can't sell 'email only' accounts?!

Yes will be usefull

It would also be useful to be able to create a certificate for mail.example.com when the "Hosting Type" option is set to "No Hosting" (whereas the domain points or not to the server)

It would be just as creating a certificate for "webmail.example.com" works now, I guess ?

Lets do it! CRITICAL

Can you please qualify "popular" please? This is an old feature, reported in 2019, and still BADLY required today in 2024. I have had this problem with the mail server using a subdomain like "mail.somedomain.com" and LE can not cope with it. Halfway through my email stops working.

This is a CRITICAL requirement, and should not be treated as a would be nice feature request. You are providing SSL certificates support through LE for securing the website and other components, but this functionality is incomplete because it is not designed to cope with subdomains in zones managed externally.

CRITICAL!

I echo the comments below. Like with Hover and OpenSRS who also provide mail hosting, they DO NOT require A records for example.com to point to their servers hosting mail.example.com

Unacceptable that this isn't a feature yet. Not only is it completely necessary, as is clear by the comments and votes, this shouldn't be a popularity competition for a feature that is so essential to the normal functioning of a server. Anyone with more than 2 hosting clients will have clients that just want mail while their root A record is pointed elsewhere. I'm incredibly disappointed with Plesk's lukewarm response to this crucial security feature.

How is this not a thing yet ...

yes, yes, yes, PLEASE

+3

A must-have feature, as Plesk did with the separated certificate for webmail long time ago, but for "mail" is more crucial.

This feature needs to be prioritized. It fills a crucial gap in functionality and aligns perfectly with user needs and industry trends, as mails are commonly hosted on different servers. The status quo renders plesk difficult to use for mails.