Plesk 12.5 (together with the Let’s Encrypt plugin) is a convenient tool that comes with batteries included for most cases. However, webmail is only accessible via SSL with the self-signed certificate by default. Some people suggest patching the config files (which potentially gives problems after updates), but here is a different approach that works with the frontend functionality only.
Imagine, we have the website example.com in plesk 12.5 with webmail enabled. In this case, the default webmail address is webmail.example.com. To offer SSL-protected webmail, follow these steps:
1. Add a new subdomain, e.g. mail.example.com, to plesk.
2. Set its SSL certificate as usual (or using the Let’s encrypt plugin)
3. Enable mod_proxy and proxy_http as apache modules.
4. Set the directives for Apache as follows for HTTP (not HTTPS!):
RewriteEngine On
RewriteCond %{HTTPS} !=on
RewriteRule "^/.well-known/acme-challenge/.*" - [L]
RewriteRule ^/?(.*) https://%{SERVER_NAME}/$1 [R,L]
5. Set the directives for Apache as follows for HTTPS:
ProxyRequests Off ProxyPass / http://webmail.example.com/
One thought on “Secure Plesk Webmail with SSL”
Thanks! This is a good workaround as long “Lets Encrypt” doesn’t support the “static/whatever” webmail.domain.tld DNS record.
But under 4. It should be HTTP>>S<<
Sorry for my bad English..