Incorrect certificate used for mail client in Plesk

Follow

Comments

6 comments

  • Avatar
    Fouad Ahmed Fouad

    The solution provided is not the best, i want to secure every domain on server with its own wildcard certificates not the main server's certificate because every client when he configures his mail program he will use his own domain's name on settings and he will get back error says certificate is issues for another domain or isn't trusted! please provide a CLI so we can enable option "SSL/TLS certificate for mail" for all subscriptions as I searched and didn't find how to do that, doing this option is available at Plesk on UI but when you have about 100 domains installed on server you will have to do it 100 times! please help us with bulk CLI options for all installed domains?

    0
    Comment actions Permalink
  • Avatar
    Mikhail Shport

    Hello Fouad Ahmed Fouad,

    It is possible to set the certificate for mail with the next command:

    # plesk bin subscription_settings --update example.com -mail_certificate 'certificate_name'

    You may check all possible options of the command by using help:

    # plesk bin subscription --help

    0
    Comment actions Permalink
  • Avatar
    Fouad Ahmed Fouad

    Hello Mikhail,

     Can we do it like a loop for all domains available on server using the installed SNI let's encrypt certificates instead of doing it manually for every domain at plesk. suppose we have 100 domains and we want to do it in one command.

    0
    Comment actions Permalink
  • Avatar
    Alex Rubio

    Any GUI solution to be aplied for the noobs user?
    We have same problem, seams not very profesional, say to customer that need accept exception security.

    0
    Comment actions Permalink
  • Avatar
    Leonid Gukhman (Edited )

    @Alex Rubio

    Hi! With SNI support, the certificate can be selected under Domains > example.com >  Mail Settings > SSL/TLS certificate for mail (see https://support.plesk.com/hc/en-us/articles/115001446174)

    In Plesk Onyx, the certificate should be selected under Tools & Settings > SSL/TLS Certificates > Certificate for securing mail.

    0
    Comment actions Permalink
  • Avatar
    Leonid Gukhman

    @Fouad Ahmed Fouad

    With the standard name for Let's Encrypt certificates being "Lets Encrypt example.com", the command to set the mail server certificate for all domains would be as follows (with domains.txt containing the list of the domains):

    # cat domains.txt | while read i; do plesk bin subscription_settings -u $i -mail_certificate "Lets Encrypt $i"; done

    To put all domain names from Plesk into the text file, use the following command:

    # plesk bin domain --list > domains.txt

    0
    Comment actions Permalink

Please sign in to leave a comment.

Have more questions? Submit a request