Question
Is it possible to secure the mail server mail.example.com with Let's Encrypt SSL certificate when the A record for example.com is pointing to another server?
Answer
Currently, such a functionality is not implemented in Plesk yet.
Consider voting for this feature on the UserVoice portal. The top-ranked suggestions are likely to be included in the next versions of Plesk.
Alternatively, issue a certificate from another authority and secure mail using it:
How to install an SSL certificate for a domain in Plesk (Let's Encrypt / other certificate authorities)
Workaround
- Create a web hosting enabled subdomain mail.example.com
- Go to Domains > mail.example.com > SSL/TLS Certificates
- Issue a new certificate
- Go to Domains > example.com > Mail Settings
- Assign the certificate for mail.example.com
Note: In case example.com has no web-hosting it's necessary to create a new subscription for sub-domain mail.example.com.
Warning: Settings certificate for mail from different domain is temporary solution. Each Let's Encrypt certificate renewal will delete old certificate and new certificate will be issued. Due to that old certificate on example.com will be unchecked. So each Let's Encrypt certificate renewal requires to assign certificate on domain manually or with script again.