How to secure webmail using Let's Encrypt in Plesk Onyx




  • Avatar
    Marco Marsala (Edited )

    You should place a redirect from http://webmail.domain.tld to https. Even the option "Hosting Settings > Permanent SEO-safe 301 redirect from HTTP to HTTPS" won't redirect the webmail; in any case these should be two separate options as the website may not support HTTPS yet.

    There is an UI bug too: selecting a certificate already used for securing webmail and hitting "Secure webmail" will freeze the interface.

  • Avatar
    Konstantin Annikov (Edited )


    There is no "redirect to https for webmail" feature in Plesk yet, but you can vote for it on UserVoice portal:

    And as a workaround, you can force https connection in Roundcube configuration file as it described here

    Or use the following article to make a redirect on the level of Apache: 
    How to redirect webmail HTTP to HTTPS

    As for the UI, I could not reproduce the same on my test server with newly installed Plesk Onyx 17.5. The following notification is shown after selecting the certificate which is already used for securing webmail on domain: 

    PLESK_INFO: The webmail was secured with the selected certificate. Important: webmail now works via HTTPS only, correct your bookmarks, links, and so on.

    So, please  submit a ticket for support in order to check if the issue persists on your server: 

    How to submit a request to Plesk Technical Support

  • Avatar
    Miha Gregorš


    is it possible to secure only even if it's domain and pointed to other sever?




  • Avatar
    Ivan Postnikov

    Hello @Miha,

    Let's encrypt extension does not support such scenario.

  • Avatar
    Aristeidis Vlachopanos

    Hello, in our server the webmail is and not . Is it possible to use this feature to secure it or is it specifically for the given subdomain?

  • Avatar
    Ivan Postnikov

    Hello @Aristeidis Vlachopanos,

    The default URL for webmail is indeed The instructions specified here are for this URL.

    This article is not applicable to non-standart webmail URL, configured using this workaround


  • Avatar
    David Hubbard

    Can Let's Encrypt be used to secure ONLY webmail?

  • Avatar
    Alexandr Nikolaenko

    Hello @David Hubbard

    Following steps from the article, you can choose Let's Encrypt certificate to secure webmail. Then, in Hosting Settings of the domain, you can specify another SSL certificate from the domain's repository to be used for the main website.

Please sign in to leave a comment.

Have more questions? Submit a request