I have an installation of PLESK17 on AWS EC2 and using DOVECOT
I want to use this service’s certificates to secure POP/SMTP and found articles on how to achieve this.
They all mention PEM files that ‘should’ be located here:
I do have some domains in there but not the one I am looking for. The ones there belong to domains for which we requested SSL Certificates from LetsEncrypt before the server was upgraded to PLESK 17 (ONYX) ( previous version: PLESK 12.5 ) - so the issue may be related and specific to PLESK 17 (ONYX)
After some looking around I located the “certs” for the desired domain here:
/usr/local/psa/var/certificates/ with names like “cert-[7-random-characters]”
inside that file I can see all the different components/PEM files needed to allow for the setup described on the sources above.
These files seem to change names each time the a certificate is deleted/renewed/etc so I cannot(?) automate looking for the right file, extract each component and place them on:
/usr/local/psa/var/modules/letsencrypt/etc/live/[domain.tld] - I would like to take advantage of the auto-renewal process each time the plesk plugin gets a new certificate DOVECOT will always have access to latest PEM files in distinct files to match the DOVECOT syntax requirements.
If I do this myself I may cause problems(?). In the future LetsEncrypt might want to write to those locations – so I would need(?) to create my own custom location for ‘my’ PEM files which in turn makes maintenance more complex.
So… where are the missing PEM files? Why is let’s encrypt not saving the PEM files to their correct location or is plesk hijacking the creation of these files and putting them on this other location? how can I reliably + programmatically reach the correct “cert-[7-random-characters]” file.
Am I missing something?