- Plesk for Linux
- Plesk for Windows
How to secure a Plesk mail server with an SSL certificate from Let's Encrypt or other certificate authorities?
Note: After configuring an SSL certificate for a Plesk mail server, use the domain name from this SSL certificate, when connecting to the Plesk mail server. Advise your customers to do the same. For more information, see:
- How to configure a secure connection when setting up an account in an email client
An SSL certificate secures the entire mail server and all domains on it. Currently, it is not possible to secure domains in Plesk with a separate SSL certificate for mail server. For more information, see these KB articles:
- For Plesk on Linux
- For Plesk on Windows Server
Securing a Plesk mail server with a free Let's Encrypt certificate (Plesk Onyx)
In Plesk, go to Extensions and search for Let's Encrypt.
Click on Let's Encrypt and then click "Get it free" (or "Install").
Once installed, go to Tools & Settings > SSL/TLS Certificates (under Security).
Click Let's Encrypt.
Make sure the Domain name and Email address fields contain a valid information:
Domain name will be used as an incoming and outgoing mail server when setting up an email account in a mail client. This domain must point to your Plesk server.
Email address will be used to receive important notifications and warnings.
Click Install. At this stage, an SSL certificate from Let’s Encrypt is generated and set to secure Plesk on port 8443 automatically. This certificate will be auto-renewed every 90 days.
Now, to secure a Plesk mail server, click [Change] next to Certificate for securing mail.
In the drop-down list, select Lets Encrypt certificate (server pool) and click OK. Here is the final look:
Securing a Plesk mail server with an SSL certificate from other certificate authorities
In Plesk, go to Tools & Settings and click SSL/TLS Certificates.
On the SSL/TLS Certificates page, add your certificate:
Note: If you are experiencing issues with a certificate installation, contact your certificate seller and ask for instruction for Plesk.
If an SSL certificate is stored in a single
Click Browse... to select a certificate file. Then click Upload Certificate.
If an SSL certificate is stored in the form of
Click Add under List of certificates in server pool and scroll down to the Upload the certificate files section and upload these files. If both the certificate and the private key parts of your certificate are contained in a
*.pem file (you can check it by opening the
*.pem file in any text editor), just upload it twice, both as the private key and the certificate. Click Upload Certificate once finished.
If an SSL certificate is stored as a text:
Click Add under List of certificates in server pool and scroll down to the Upload the certificate as text section. There, paste the certificate and the private key parts into the corresponding fields. Click Upload Certificate when you have finished.
Click [Change] next to Certificate for securing mail > select an uploaded certificate > click OK. Now mail server is secured with an SSL certificate.
For more information about securing mail server, visit: