Feature Suggestions
Please provide here your suggestion for new functionality for Plesk. We encourage you to review and vote for suggestions of others. The top-ranked suggestions are likely to be included in the next versions of Plesk.
Please write in English so that voters from all over the world can read and support your request.
Off-topic posts will be removed from here
18 results found
-
Add ZeroSSL as an alternative to Let's Encrypt
https://zerossl.com now offers 90 days ssl certificates that work with ACME.
It would be nice to be able to choose it as a ssl certificates provider in Plesk.
Probably not too complicated since it relies on same technologies.
12 votesThere have been some good arguments why users would like to use ZeroSSL as an alternative to Let's Encrypt. It is correct that the vendor also offers a free variant of their SSL certificats. But in the end it is a commercial vendor who strives to sell paid certificates while the existing SSLIt solution provides the option to only offer free certificates to users.
A vendor like ZeroSSL has the option to develop an extension for Plesk on its own and submit it to the Plesk extension catalog so that users of that vendor can use their services through Plesk. The API documentation for that is free to access for the vendor. Plesk cannot develop software on behalf of a commercial vendor to sell their products, this is the task of the vendor.
For that reason we ask you to suggest to ZeroSSL that they develop their own extension to…
-
A button to manually reissue SSLs for all domains
Can we get a button to manually reissue SSLs for all domains and subdomains?
I had a few issues in the past year because SSLs didn't automatically renew which made me lose hours with support tickets.
I would prefer to hit the button "Reissue SSL for domains" once every 60 days over relying that everything will just work automatically.
7 votesReissuing SSL certificates for all domains on a server cannot solve any issue. Reissueing certificates automatically makes no difference to the automatic renewal attempt of SSLIt/Let's Encrypt. Instead, the correct solution to solve renewal issues of certificates is to check the "Keep websites secured" checkbox on the SSL page of the domain. Then, if aliases or subdomains that were formerly included in a certificate , that have been removed meanwhile are now missing can be excluded from the automatic renewal process. A second reason why such a reissue button for all domains is a bad idea is that LE rate limiting will be hit on servers with a certain number of domains. For many users it will then become impossible to issue new certificates for a certain ban time.
So overall this feature request cannot be an appropriate approach to solve SSL renewal issues. We must decline it.
-- PD
-
Make the "secure your sites" button display, but be un-clickable and greyed out, SSL
The Secure your sites SSL feature button should be visible, but greyed out, with a description at the bottom that says "You must have a dedicated IP to activate SSL" to prompt customers to follow the SSL setup in order and not attempt to create SSL certs without IP addresses.
5 votesIsn’t actual nowadays.
— rk
-
2 votes
Upd: Sorry, we are closing the request as no information was provided for over a month.
—
IG -
LetsEncrypt confirmation form is very badly designed
The LetsEncrypt enabling confirmation form is terrible.
First off, it requires that the user wait for something before they hit Continue, while the Continue button is readly enabled and very prominent. The instruction to wait on DNS change, is described in a tiny final sentence on the form. This is as bad UX as it gets.
Also, it doesn't describe how the user should check whether the change (adding the TXT record) was completed.
There's also two Cancel buttons for some reason.
2 votesWe have tested different scenarios but were unable to reproduce a scenario that is described in this feature request. Without detailed further information what is meant it is not possible to follow-up on this suggestion at this time. For that reason we must decline this request.
-- PD
-
2 votes
Upd: Sorry, we are closing the request as no information was provided for over a month.
—
IG -
Subdomain of parent domain using Lets Encrypt wildcard
Once you enable a domain to use a wildcard, subdomain's still use their own certificate rather than the new wildcard certificate and currently there's no way to link the existing subdomain to use the new wildcard.
2 votesUpd: Sorry, we are closing the request as no information were provided for over a month.
—
IG -
Create SSL certificate using list of DNS records if enabled
When creating SSL certificates with letsencrypt we get a list of subdomains to add, but this list is only for subdomains created in plesk, it would be better if in this list there was also the list of domains in the DNS settings that are CNAME of the domain or that point to the same ip
This would allow to generate certificate for the mail domain for example to secure emails without needing a wildcard certificate
Also a bit related: when we want to create a subdomain that is one in the DNS template of the domain, it says the…
1 voteThank you for your suggestion. We appreciate your input. Unfortunately because of technical limitation it's not possible to secure domains based on DNS records as there is not way validate the (sub) domains belonging the a CNAME records when those don't point to the same webspace.
A workaround could be (depending on the exact use case) to add (sub) domain as an alias to the primary domain.
-
More options to validate domain throw txt record for letsencrypt
More options to validate domain throw txt record for letsencrypt
1 voteNo further information has been provided during the past months. We must decline this request.
-- PD
-
Let's encrypt plugin should set TTL=30secs when modifying _acme DNS registers
When the Let's Encrypt plugin within SSL It! modifies the _acme register on the DNS zone it sets the TTL to the default amount of time by default the zone has.
I think the _acme registers should be as low as 30 seconds to avoid problems when reissuing certs with the caches of the DNS servers.
I think it's one easy to do modification.
Regards,
1 voteHi @NetVicious. Thank you for your feature request. However, it seems that this is related to a rare experience where a TTL did not work in some specific case. We are seeing thousands of transactions where TTL is 3600 and there has never been any issue reported on it. If you are experiencing a specific case where the default setting has not worked correctly for you, we ask you to please open a ticket with support so that the issue can be investigated on your server.
https://support.plesk.com/hc/en-us/articles/213953025-How-to-get-support-directly-from-Plesk-
-
Implement the ability to remove the default certificate from newly created domains.
When creating a default server certificate within "Tools & Settings > SSL/TLS Certificates" it appears for all domains created, even those domains which doesn't match with the server certificate name.
Implementing a feature at "SSL/TLS Certificates" to avoid displaying the default server certificate for customers within "Domain > example.com > Hosting Settings > Security" can avoid having a customer use a certificate which doesn't match with their domain.
1 voteWith only 1 vote in 2 years this request did not become popular. We must decline it.
-- PD
-
1 vote
Upd: Sorry, we are closing the request as no information were provided for over a month.
—
IG -
Be able to hide option "Assign the certificate to mail domain IMAP, POP, SMTP server"
Be able to hide option "Assign the certificate to mail domain IMAP, POP, SMTP server" from the new SSL-IT-extension, so customer are unable to use this option when issuing the certificate.
1 voteUpd: Sorry, we are closing the request as no information were provided for over a month.
—
IG -
Add CSR for an existing certificate
Please add functionality to add CSR for existing certificates.
Currently, it can be implemented using Linux command line:
https://stackoverflow.com/questions/9471380/create-csr-using-existing-private-key1 voteUpd: Sorry, we are closing the request as no information were provided for over a month.
—
IG -
Remove 'Secure with an SSL/TLS Certificate' from 'Add a Subdomain'
When adding a subdomain, it takes (at least at my webhoster) 15 min before the changes take effect. If one checked 'Secure the domain with Let's Encrypt' on the page 'Add a Subdomain', an error is thrown because the newly created subdomain is not available in time.
Therefore, I suggest taking this 'feature' off the 'Add a Subdomain' page.
1 voteThank you for your input!
Unfortunately, we have to close your request, because over the years it has not become quite popular for further implementation.
—
IG -
Option to not select alias domains in Let's Encrypt by default
By default, the Let's Encrypt extension pre-selects all alias domains of a domain to be included in the Let's Encrypt certificate. This can lead to some unwanted results, for example when one of the alias domains is removed from the DNS at a later stage (because it was only used for testing) which would result in Let's Encrypt being unable to renew the certificate.
It would be nice if there was an option that allows us to configure that alias domains should not be selected by default in the Let's Encrypt extension.
1 voteThank you for your input!
Unfortunately, we have to close your request, because over the years it has not become quite popular for further implementation.
—
IG -
Remove default certificate and set Let's Encrypt certificate as default when securing Plesk login page
When securing Plesk with Let's Encrypt, the default certificate should be removed and/or the generated Let's Encrypt certificate should be set as the default one.
Such Let's Encrypt certificate should be automatically applied to mail too, and in such case, if server hostname is changed later, that certificate should be automtically reissued, or at least a warning should be generated.
1 voteThank you for your input!
Unfortunately, we have to close your request, because over the years it has not become quite popular for further implementation.
—
IG -
Simplify adding a renewed ssl certificate (that uses the existing private key)
Currently, to install a manual certificate:
- Copy private key, paste private key, update Cert and CA
- Go to Web Settings, change certificate to new one
Proposed process:
- Select "Add Certificate" option next to the certificate
- Private key automatically reused (perhaps read-only or hidden by default)
- Name, Insert/Upload Certificate and CA
- Show a "Replace certificate" option, that will update the domains that used the original certificate.
1 voteThank you for your input!
Unfortunately, we have to close your request, because over the years it has not become quite popular for further implementation.
—
IG
- Don't see your idea?