- Plesk Onyx
- Valid SSL certificate is issued for example.com domain and installed in Plesk > Domains > example.com > Hosting Settings > Security > Certificate, for example issued by Let's Encrypt.
- Another certificate is set for securing mail in Plesk > Tools & Settings > SSL/TLS Certificates > Certificate for securing mail, for example Plesk default self-signed certificate.
- Configuring a mail client, the domains name is set as Incoming/Outgoing mail server.
- The mail client is pulling the self signed Plesk certificate instead of the Let's Encrypt certificate which is currently enabled for the subscription.
It is expected behavior. There are two different certificates: a certificate for a website to use secure connection via HTTPS and a certificate to secure connections to mail server.
The connection is being established to the mail server and the certificate configured for securing mail in Plesk is used for the connection.
Change the certificate for securing email server with the one which issued for the server's hostname hostname.com:
- Go to the Home > Tools & Settings > SSL/TLS Certificates > Let's Encrypt
- Put hostname.com into the Domain name field and press Install/Renew.
- Go to Tools & Settings > SSL/TLS Certificates. Click Change near the Certificate for securing mail field, select Lets Encrypt certificate (server pool), and click OK.
- Manually set server's hostname during configuration of mailbox in a mail client instead of domain's name.