Getting SSL cert for email in plesk apache


#1

Please fill out the fields below so we can help you better.

My domain is:

I ran this command:

It produced this output:

My operating system is (include version):

My web server is (include version):

My hosting provider, if applicable, is:

I can login to a root shell on my machine (yes or no, or I don’t know):

I’m using a control panel to manage my site (no, or provide the name and version of the control panel):


#2

HI

first time in this forum

I run a VPS apache server using the latest PLESK control panel
the control panel makes it easy to install and enable SSL

it has an add on to install and secure all my domains using lets encrypt SSL cert.

but

those certs do not work for my mail server

where can I buy cheap…a cert that will work for my mail server
that I can download and upload in plesk to use?

what kind of SSL am I looking for? for email…

I know little about SSL

thanks


#3

The Let’s Encrypt certificates work fine for mail servers ( assuming you want them for POP3, IMAP, SMTP rather than encryption of emails themselves. Why do you say the certifcate does not work ?


#4

I say they do not work because if I set up any email using POP3

for a domain in any email client, and if If I chose to use SSL
authentication

I get an error

its not a big deal cause you can skip the pop up box
or opt not to use SSL authentication

here attached is one of the pop up boxes I would get

also, I read online on a page from letsencrypt themselves
that the letsencrypt certs do not work for email
only domains

thanks


#5

That’s because you are using a certifcate for “higain.ca” and then trying to connect to “mail.higain.ca”.

You need to either connect using “higain.ca” or obtain and use a certificate for “mail.higain.ca


#6

hi

the certificate I used is generated by the add on for plesk

I do not know how to get a cert for just mail.higain.ca

also

I have only one place in plesk to install a cert for my email

higain.ca is the main domain name for my VPS

but I have many domains

does this mean that even if I do instal a cert for email

it will only work for the mail.higain.ca ?

thanks


#7

If you, somehow, get a cert just for mail.higain.ca then yes, when using that certificate, it will only work for that hostname.

Also, I am not aware of any many mail server with don’t have SNI capabilities (EXIM does have SNI support), so if you want multiple hostnames for your single mail server with just one certificate, you must add all those hostnames to that one certificate.

Hmm, Courier supposedly also has SNI capabilities: https://wiki.herzbube.ch/index.php/Courier#SNI


#8

This partially depends on what you use for your mail service, and what version it is.

The easiest is often to use the “server name” to connect to general server services like email - and then use the appropriate certificate for that “server name” which needs to be a FQDN of course.

Many of the recent mail services can use different certificates for different domains, but this is more complex to set up.

The questions here are more about server setup and email server setup rather than certificates ( which this forum is about). Not a complaint - but you might find that detailed help on configuring plesk for email setup, you might find quicker answers from a plesk forum.


#9

thanks

I am going to use a plesk forum and ask if there is a way to make the
one email cert work for all domains

dennis


#10

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.