Let’s Encrypt is an open certificate
authority providing free SSL/TLS certificates.
During Plesk installation, Plesk and the mail server are automatically secured
with a free SSL/TLS certificate from Let’s Encrypt. If, for some reason,
it did not happen, we recommend that you manually secure Plesk and the
mail server with a Let’s Encrypt certificate.
To secure Plesk and the mail server with a certificate from Let’s
Encrypt:
-
Make sure that the Let’s Encrypt
extension is installed. -
Go to Tools & Settings > SSL/TLS Certificates (under
“Security”). -
Click the + Let’s Encrypt button.
-
Make sure that the email address in the “Email address” field is
correct. This email address will be used to send important
notifications. -
Click Install.
At this stage, the certificate from Let’s Encrypt has been generated
and used to secure Plesk automatically. -
To secure the mail server, click the [Change] link next to
“Certificate for securing mail”. -
Select the “Let’s Encrypt certificate (server pool)” from the
drop-down list, and click OK.
Now both Plesk and the Plesk mail server are secured with the
certificate from Let’s Encrypt.
Note: In Plesk for Linux, when Let’s Encrypt replaces the default
self-signed certificate, in Tools & Settings > SSL/TLS
Certificates the name of the certificate used to secure Plesk is
changed to “Let’s Encrypt certificate”. In Plesk for Windows, the
default certificate name is changed to “Let’s Encrypt certificate”
only after you reload the Tools & Settings > SSL/TLS Certificates web
page in the browser.
Note: Once you secure the mail server with an SSL/TLS certificate, make
sure to access mail using:
- The domain name of the Plesk server for which the certificate was issued
(and advise your customers to do the same). - Mail for a domain that is secured with an individual SSL/TLS certificate.
Otherwise, the mail client software may be unable to verify the
mail server identity, which may cause issues when sending or
receiving mail.