Is it possible to secure the mail server mail.example.com with Let's Encrypt SSL certificate when the A record for example.com is pointing to another server?

Follow

Comments

3 comments

  • Avatar
    Paul S

    I have done this and worked find, but when the SSL certificate of mail.example.com was renewed the mail settings of example.com where this one was set

    1
    Comment actions Permalink
  • Avatar
    Tom Franssen (Edited )

    The workaround does only work until the certificate is being renewed again, as the renewal process then clears the selected certificate on the root domain leaving the mail without certificate. This is a bug. Can you fix that? It shouldn't touch the configuration on the main domain.

    0
    Comment actions Permalink
  • Avatar
    Julia Minenkova

    Hello Tom,

    Correct. Each certificate renewal requires to set certificate on domain again. This is new scenario that requires additional research that is why feature request is created. For now solution is when Let's Encrypt certificate expires, it requires to renew certificate on domain manually or with command line:

    # plesk bin subscription_settings -u example.com -mail_certificate "Lets Encrypt mail.example.com"

    You may create script/scheduled task that is executed on daily basis, for example. 

    0
    Comment actions Permalink

Please sign in to leave a comment.

Have more questions? Submit a request