Feature Suggestions
Please provide here your suggestion for new functionality for Plesk. We encourage you to review and vote for suggestions of others. The top-ranked suggestions are likely to be included in the next versions of Plesk.
Please write in English so that voters from all over the world can read and support your request.
Off-topic posts will be removed from here
34 results found
-
Add Mailman support to Let's Encrypt
Please add Mailman support to Let's Encrypt.
Ideally, one could issue either a certificate directly for lists.domain.com or a wildcard certificate for *.domain.com.
Furthermore, a secure connection should be enforceable.
Thanks!
298 votesThank you for your input! We will consider this functionality in upcoming releases if it will be popular.
Everyone, please continue voting for this feature if you consider it important.— rk
-
Allow disabling of Let's Encrypt on a domain by domain basis
Currently, when giving users the ability to access SSL to add their own certificates, they can also view Let's Encrypt and create free certificates. It would be useful to allow users access to add their own certificates without giving them access to use Let's Encrypt and there is currently no way to do this.
Additionally, any users logging in to manage their domains can see Let's Encrypt (although cannot use it) and we keep getting asked about it, so it would be useful to hide this off for users unless they specifically need access.
26 votesThis is a valid request, for example when a provider does not want to offer free certificates to some customers. We will consider this functionality in upcoming releases if it will be popular.
Everyone, please continue voting for this feature if you consider it important.
-- PD
-
Automatically apply wildcard Let's Encrypt SSL
It will be good if Plesk can implement automatically applied wildcard let's encrypt option by default.
20 votes -
Uploading purchased SSL/TLS certificate for domains aliases
Hello,
Please add functionality for uploading purchased certificates for securing domain aliases.
At the moment domain, aliases always use the certificate for the main domain. This is not suitable if different certificates are used for a domain and an alias.
Let's Encrypt certificates can be issued for aliases, but certificates uploading should also be possible.
18 votesThank you for your input! We will consider this functionality in upcoming releases if it will be popular. Everyone, please continue voting for this feature if you consider it important.
—
IG -
Allow certificate upload as .pfx container
If you have a .pfx file containing Certificate, Private Key and CA certificate, allow to upload that container with one step.
This way, a customer doesnt have to use tools like openssl to extract and convert the certificate themselves.
.pfx is the preferred format on windows plattforms ,e.g. when you export a certificate from another IIS-based server.
17 votesThank you for your input! We will consider this functionality in upcoming releases if it will be popular.
Everyone, please continue voting for this feature if you consider it important.
—
IG -
Implement a general-purpose ACME client for certificate authorities other than Let's Encrypt
Currently, it is only possible to automatically renew certificates issued by Let's Encrypt. Certificates from other CA's have to be updated manually even if they support ACME protocol, so it would be useful to have a module that could renew all certificates.
14 votesThank you for your input. We will consider this functionality in upcoming releases if it is popular. Everyone, please continue voting for this feature if you consider it important.
—
IG -
Use Lets Encrypt to secure preview urls
Hi,
I think the preview urls is a really useful feature, but they have a limitation in which they cannot be secured.
Being able to secure these urls with a wildcard certificate from Lets Encrypt would be hugely beneficial when developing.
An example would be when developing with certain APIs such as HTML5 Geolocation API.
Thanks
13 votesThank you for your input. We will consider this functionality in upcoming releases if it is popular. Everyone, please continue voting for this feature if you consider it important.
—
IG -
Create CSR with multiple domains
Currently, Plesk only provides the option to include a single domain on a Certificate Signing Request (CSR): https://support.plesk.com/hc/en-us/articles/213939845
According to our business needs, we need to issue a CSR with alternative subject names, we need to include multiple domains on this CSR so we can issue a SAN certificate, but Plesk doesn't have such functionality.
13 votesThank you for your input. We will consider this functionality in upcoming releases if it is popular. Everyone, please continue voting for this feature if you consider it important.
—
IG -
Redirect to https and only after to www when HSTS and www prefered domain are enabled
Hello, it would be good if Plesk can redirect to https and only after to www when www prefered domain is enabled because when submitting your domain on https://hstspreload.org it gives me this error (I replaced my domain by a fake one obviously)
13 votesThank you for your input! We will consider this functionality in upcoming releases if it will be popular. Everyone, please continue voting for this feature if you consider it important.
—
IG -
Option to disable SNI for a domain in SSL Settings
If a domain has SNI disabled from IIS > Site > example.com > Bindings, Plesk reverts it back to Enabled when it pushes changes to IIS.
It would be nice to have an option in the domain's SSL settings to turn ON/OFF SNI and lock it.
10 votesThank you for your input! We will consider this functionality in upcoming releases, if it will be popular.
Everyone, please continue voting for this feature if you consider it important.
—
IG -
SSL Certificate changes should be reflected in Action Log
SSL Certificate changes are currently not logged in Action Log in any way. Such changes should be logged as they are part of hosting settings.
Yet, they should reflect the certificate details (e.g. "Certificate A was changed to certificate B").10 votesThank you for your input! We will consider this functionality in upcoming releases if it will be popular.
Everyone, please continue voting for this feature if you consider it important.
—
IG -
Automatically select the certificate in Domains > example.com > Mail Settings > SSL/TLS certificate for mail for newly created domains
When the new domain is created and when the option 'Keep websites secured with free SSL Certificate' is enabled on a service plan level as per: https://support.plesk.com/hc/en-us/articles/115001575134, the certificate is not automatically selected in Domains > example.com > SSL/TLS Certificates for mail, only for 'webmail'.
9 votesThank you for your input! We will consider this functionality in upcoming releases if it will be popular. Everyone, please continue voting for this feature if you consider it important.
—
IG -
Add the option to remove certain domain names or its parts from Let's Encrypt certificates auto-renewal notifications
Add the option to remove certain domain names from Let's Encrypt certificates auto-renewal failure (customer's digest) and Let's Encrypt certificates auto-renewal success (customer's digest).
For example, I have domain example.com without "www" part (by design) that is secured with Let's Encrypt certificate for example.com (without "www" part). Plesk sends the notification that the www.example.com could not be secured. With the suggested option it will be possible to switch off such notification for "www" part only so that the regular notification for example.com will be active.
8 votesThank you for your input. We will consider this functionality in upcoming releases if it is popular. Everyone, please continue voting for this feature if you consider it important.
—
IG -
Install Let's Encrypt certificate on domain with forwarding type on Plesk for Windows
Now when it is possible to install Let's Encrypt on domain It should be possible to install Let's Encrypt certificate on domain with forwarding type on Plesk for Windows too
6 votesThank you for your input. We will consider this functionality in upcoming releases if it is popular. Everyone, please continue voting for this feature if you consider it important.
—
IG -
Add additional CA certificates to an existing certificate
It would be very helpful to be able to add additional CA certificates to existing certificates.
For example, in our case, on a domain with Let's Encrypt, it's required to add origin-pull-ca.pem from Cloudflare (https://support.cloudflare.com/hc/en-us/articles/204899617/) but trying to set sslclientcertificate (Nginx) or SSLCACertificateFile (Apache) as additional directives will trigger an error of duplicate syntax.
Therefore, it should be possible to go to Domains > example.com > SSL/TLS Certificates > Click on the certificate > Add more CA-certs
5 votesThank you for your input! We will consider this functionality in upcoming releases if it will be popular. Everyone, please continue voting for this feature if you consider it important.
—
IG -
Take *.domain.com as the CN of Wildcard certificates in the LE extension
At the moment the CN of the wildcard certificate is still domain.com and not *.domain.com. The wildcard is just in the alternative domain names.
Please use the wildcard as the CN5 votesThank you for your input. We will consider this functionality in upcoming releases if it is popular. Everyone, please continue voting for this feature if you consider it important.
—
IG -
Add option to pass OCSP "must staple" to Let's Encrypt
It is possible to enable OCSP stapling, but not to pass the "must staple" option to Let's Encrypt, even though they support it, and it should be available in Plesk.
More people have pointed this out on the original post: https://plesk.uservoice.com/forums/184549-feature-suggestions/suggestions/7064969-include-oscp-stapling-directives-for-secured-sites
4 votesThank you for your suggestion. We will consider this functionality in upcoming releases if it is popular. Everyone, please continue voting for this feature if you consider it important.
-- KvD
-
Enable SSL session caching by default in Nginx configuration
SSL session caching is not enabled by default in Plesk's Nginx configuration, leading to the warning “Session resumption (caching): No (IDs assigned but not accepted)” during SSL testing (e.g., SSLLabs test). Without SSL session caching, SSL/TLS handshakes take longer and consume additional resources, impacting performance for returning users.
The following settings are missing in the Nginx SSL configuration file (/etc/nginx/conf.d/ssl.conf):
sslsessioncache shared:SSL:32m;
sslsessiontimeout 1m;Steps to Reproduce:
- Run SSL configuration tests, such as with SSLLabs, and observe the “Session resumption” section.
- Note the warning “Session resumption (caching): No (IDs assigned but not accepted)”, indicating the lack…
3 votesThank you for your input! We will consider this functionality in upcoming releases if it becomes popular.
Everyone, please continue voting for this feature if you consider it important.
-- SH
-
Allow specifying of ports to open in firewall during certificate generation process to open and close again automatically
allow for specific ports to be opened when securing/ressecuring Let's Encrypt SSL certs.
For example, Lets Encrypt needs several ports open in order to reissue SSL so have a field to enter the ports to open when re issuing the SSL.
tcp:80, 443
udp:4433 votesThank you for your input! We will consider this functionality in upcoming releases if it becomes popular.
Everyone, please continue voting for this feature if you consider it important.
-- SH
-
Letsencrypt wildcard certificate, check dns and continue automatically
When creating a wildcard certificate for a domain where we are hosting the DNS, letsencrypt creates the required DNS record automatically, but then shows a dialog telling us to check the dns before continuing.
Since plesk created the DNS record and the DNS points to our server, the plugin should be able to verify that the DNS is good and continue automatically.
If we are not hosting the DNS and we have to manually create the record before continuing, the tools can easily display a 'check dns' button that will do the dns lookup and confirm if good or not.
3 votesThank you for your suggestion. We will consider this functionality in upcoming releases if it is popular. Everyone, please continue voting for this feature if you consider it important.
-- KvD
- Don't see your idea?