Skip to content

I suggest you...

← Feature Suggestions

Issue Let's Encrypt SSL certificate for mail server when the "A" DNS record for domain is pointing to another server

This feature is required for users with the configuration when on the Plesk only mail server for domain is used.

"A" DNS record for mail.example.com is pointing to Plesk server, when when "A" record for example.com is pointing to another server.

185 votes

We're glad you're here

Please sign in to leave feedback
Signed in as (Sign out)
Close
Close

We’ll send you updates on this idea

Alexey Lapshin shared this idea  ·   ·  Report…  ·  Admin →
How important is this to you?

We're glad you're here

Please sign in to leave feedback
Signed in as (Sign out)
Close
Close

We're glad you're here

Please sign in to leave feedback
Signed in as (Sign out)
Close
Close
Submitting...
An error occurred while saving the comment
  • wurzenrainer commented  ·   ·  Report

    This feature is more then cruical for us! Please listen too the users and add this feature already...

  • Florian Mitterer commented  ·   ·  Report

    This holds great importance for us as this particular configuration is utilized by numerous domains belonging to our SAAS CMS Customers. Additionally, we also host mail-only packages from Plesk. However, we have encountered an issue where Let's Encrypt is not available for the mail.example.com domain since no website is provisioned for it. While Let's Encrypt is available for webmail.example.com, using it with imaps/smtps as the hostname results in a mismatched certificate warning for end users. This discrepancy seems to be a bug in the SSL IT extension, rather than a simple feature request.

    This is a must functionality.

  • CK commented  ·   ·  Report

    I can't believe it either. This is a must functionality.

  • Maarten commented  ·   ·  Report

    I can't believe why this is still not implemented in Plesk. The days when all services ran on the same server are long gone. With the boom of website builders like Wix, Squarespace, Jimdo, etc., the services are distributed on multiple servers, which does not fit the path Plesk has taken: that Let's Encrypt certificates should be verified on domain.com.

  • Fran Smith commented  ·   ·  Report

    I have to move large quantities of users off legacy platforms like Hsphere and even Cpanel where mail.domain.tld is set as incoming and outgoing server.

    At the very least Plesk you could generate a clear article on how to properly script an event to add this subdomain as a new domain is added.

    Lady Linux

  • Gianluca commented  ·   ·  Report

    We have hundreds domains with mail service on several Plesk servers with the main domain pointing to an external server/service. Having email with SSL in 2023 is extremely important!

  • Marc Jauvin commented  ·   ·  Report

    I can't belive this has not been addressed yet, this is not even a question of votes, this is basic common sense.

  • Gil commented  ·   ·  Report

    I have too many clients who leave DNS and email management with us, but move Website elsewhere

  • Plesk Tech Support commented  ·   ·  Report

    It would be very desirable for Plesk to have an option, besides the "include www.domain.name" and "Secure webmail.domain.name" options to "Include mail.domain.name" on issuing a Let's Encrypt SSL certificate. If the DNS service is hosted on a 3rd-party service, the mail.domain.name is not secured and the wildcard certificate will not be automatically renewed.

  • Heikki Ollilainen commented  ·   ·  Report

    Hi,

    We are hosting also mail only packages from plesk. Letsencrypt is not available for mail.example.com since no website is provisioned. It is available for webmail.example.com but that does not work with imaps / smtps as hostname (service will provide wrong certificate and enduser gets warning hostname not matching). In mycase A record can be pointing to plesk but letsencr not available for other domains. I consider this a Bug on SSL IT extension rather than feature request.

  • Patrick Neuner commented  ·   ·  Report

    Should be available already, not every customer wants to pay for o365

  • Andreas Schnederle-Wagner commented  ·   ·  Report

    This would be cruical for us as excactly this configuration is used by thousands of Domains of our SAAS CMS Customers ...

  • Nuno Pereira commented  ·   ·  Report

    We need this feature in an era of secure communications, where having a certificate is ubiquitous, customers demand for it and improves the security of the services.

  • IA-Plesk commented  ·   ·  Report

    This is also a very need feature for us.
    We hope this will be implemented as soon as possible.

    Thanks

  • IA-Plesk commented  ·   ·  Report

    We have clients that only have email service.
    A good workaround was PLESK add webmail.customerdomain.tld as a server name indication (SNI).

  • Tessa Vermeulen commented  ·   ·  Report

    Indeed! In the begin people used pop3.domain.tld for incoming and smtp.domain.tld for outgoing. Now people are more and more using mail.domain.tld for incoming and outgoing mailserver. (with the correct ports). But the only way to have it on SSL is to create a subdomain for each subscription called mail.domain.tld and point the certificate to it. Just add another checkbox like the webmail for mail. will help alot.

2

Feature Suggestions: Security

Categories

Feedback and Knowledge Base

(thinking…)