How can I change default certificates for SMTP, IMAP, and POP3 over SSL in Plesk Automation(PA)?
The certificate for SMTP over SSL is located in the following file:
For IMAP4 and POP3 over SSL, the following certificate files are used:
In PA 11.5 paths are slightly different:
By default, these are self-signed certificates which are generated during Plesk Automation installation. If you need to set up your own certificates, copy and paste your certificate and Private Key into the appropriate files and restart "postfix" and "courier-imap" services:
# /etc/init.d/courier-imap restart # /etc/init.d/postfix restart
In PA 11.5 names of services are different too:
# /etc/init.d/courier-pop3d restart # /etc/init.d/courier-pop3s restart # /etc/init.d/courier-imapd restart # /etc/init.d/courier-imaps restart # /etc/init.d/postfix restart
Postfix Mail node works as shared Mail hosting server. It is important that the client specifies the domain that the certificate is issued for in order to avoid a warning that the certificate name does not match that of the host you are connecting to.
For example, if the certificate was issued for the "example.com" domain, then you should specify "example.com" as the connection string in your mail client preferences for SMTP/POP3/IMAP servers.
NOTE: There is a single certificate for each of these services: SMTP, IMAP4, and POP3 over SSL. Multiple certificates cannot be used for multiple Plesk Automation domains.
The SSL certificates text in
/usr/share/courier-imap/pop3d.pem and in
postfix_default.pem should looks like this:
-----BEGIN PRIVATE KEY----- text from example.com.key file -----END PRIVATE KEY----- -----BEGIN CERTIFICATE----- text from example.com.crt file -----END CERTIFICATE-----
Note: You can verify that certificates were installed sucessfully using #118918 article.