Multi Domian Certificate through Plesk


#1

My domain is: lifemaxuk.co.uk, goodlifeguide.co.uk

I have one server that hosts various domains, two of which use the mail server (postfix, dovecot). We have, up until now been using no encryption on our email and have recently fallen victim to a huge attack on our mail server. We are therefore trying to put in place a secure mail server.

I’m issuing letsencrypt certs through plesk but that wont allow me to issue a cert with more than one domain on which gives me postfix issues as postfix will only link to one cert.

Is there a way I can issue a multi domain cert (only needs two domains) via plesk? I do also have shell access and and am competent in using so would be happy to issue a cert manually if I can? What I’m not sure about is where and how plesk implements letsencrypt as there is no file location or directory for /etc/letsencrypt?

Any help would be most appreciated as our emails are currently completely quarantined due to the spam attack.

Thanks in advance.

My web server is (include version): apache 2.4.18

The operating system my web server runs on is (include version): Ubuntu 16.04

My hosting provider, if applicable, is: Simply Hosting, Dedicated

I can login to a root shell on my machine (yes or no, or I don’t know): yes

I’m using a control panel to manage my site (no, or provide the name and version of the control panel): Yes, plesk onyx


#2

As you’ve discovered, Postfix doesn’t support SNI and you have to resort to putting multiple names on a single certificate.

I don’t think that Plesk will help you include multiple names on the main Plesk certificate. You could try to modify the “Let’s Encrypt certificate” using this interface but I don’t have access to Plesk to confirm and suspect it’s not possible.

Alternatively, you can manually install any certificate you want using these instructions, but you’d have to do that out-of-band of Plesk and manually re-do it every 60-90 days :sleeping:.

It uses its own implementation that is written in PHP and unfortunately encoded/obfuscated. You could try these instructions to use it on the CLI, but they may be out of date: https://github.com/plesk/letsencrypt-plesk/wiki/Command-Line-Interface

Alternatively, you can use any ACME client if you can figure out the right webroots to do what you want.


#3

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.