How to secure the webmail subdomain of a website with a Let's Encrypt certificate?

Question

• How to secure the webmail. of a domain with a Let's Encrypt certificate?
• Is it possible to secure the webmail subdomain of a website with an SSL certificate, even if the Website hosting type is set as No web hosting on a Plesk server?

Answer

Note: If the SSL It! extension is not installed on the server, the domain must have the Website hosting type set for the domain to be able to install a Let's Encrypt certificate. If the SSL It! extension is installed and updated to its latest version, the Website hosting type set for the domain should not matter.

In order to secure the webmail subdomain with a Let's Encrypt SSL certificate, you must perform the following steps:

Warning: Before proceeding, make sure that the A record of webmail.example.com resolves to an IP address that belongs to your Plesk server.

1. Log into Plesk

2. Go to Subscriptions > example.com and make sure that a wildcard domain *.example.com or webmail.example.com are not set as subdomains for the Subscription.

   If such subdomains exist, rename or remove them, otherwise it will not be possible to issue a Let's Encrypt certificate for the webmail.example.com subdomain

3. Issue the Let's Encrypt certificate including the webmail domain under to Domains > example.com > SSL/TLS Certificates > Install > Make sure the option Secure webmail on this domain is checked > Get it free:

   Note: If it is required to use any of the other available options, make sure to check them as well
   

4. Go to Domains > example.com > Mail > Mail Settings
5. Verify that the newly created Let's Encrypt SSL certificate is selected in SSL/TLS certificate for webmail
6. Press Save