Article ID: 118917, created on Nov 29, 2013, last review on Jun 13, 2015

  • Applies to:
  • Plesk Automation 11.1
  • Plesk Automation 11.5


How can I change default certificates for SMTP, IMAP, and POP3 over SSL in Plesk Automation(PA)?


The certificate for SMTP over SSL is located in the following file:


For IMAP4 and POP3 over SSL, the following certificate files are used:


In PA 11.5 paths are slightly different:


By default, these are self-signed certificates which are generated during Plesk Automation installation. If you need to set up your own certificates, copy and paste your certificate and Private Key into the appropriate files and restart "postfix" and "courier-imap" services:

 # /etc/init.d/courier-imap restart
 # /etc/init.d/postfix restart

In PA 11.5 names of services are different too:

 # /etc/init.d/courier-pop3d restart
 # /etc/init.d/courier-pop3s restart
 # /etc/init.d/courier-imapd restart
 # /etc/init.d/courier-imaps restart
 # /etc/init.d/postfix restart

Postfix Mail node works as shared Mail hosting server. It is important that the client specifies the domain that the certificate is issued for in order to avoid a warning that the certificate name does not match that of the host you are connecting to.

For example, if the certificate was issued for the "" domain, then you should specify "" as the connection string in your mail client preferences for SMTP/POP3/IMAP servers.

NOTE: There is a single certificate for each of these services: SMTP, IMAP4, and POP3 over SSL. Multiple certificates cannot be used for multiple Plesk Automation domains.

The SSL certificates text in /usr/share/courier-imap/imapd.pem and /usr/share/courier-imap/pop3d.pem and in postfix_default.pem should looks like this:

text from file
text from file

Note: You can verify that certificates were installed sucessfully using #118918 article.

Search Words

Outlook warning

Outlook: The target principal name is incorrect

smtp imap pop3 ssl

change default certificate

change SMTP certificate

roundcube not working

587 port certificate issue

c1ecc6010feff26cb42d1d14a7881dd6 e0aff7830fa22f92062ee4db78133079 33a70544d00d562bbc5b17762c4ed2b3 caea8340e2d186a540518d08602aa065

Email subscription for changes to this article
Save as PDF