Skip to main content
Help Center
The GoDaddy Community will undergo maintenance starting on Tuesday, August 3rd at 3pm PST / 6pm EST. Learn more
  • GoDaddy Community
  • VPS & Dedicated Servers
  • VPS & Dedicated Servers

    Showing results for 
    Show  only  | Search instead for 
    Did you mean: 
    Getting Started

    Securing Plesk and mail server with Let's Encrypt

    New Windows server, interfacing with Plesk Onyx 17.8.11


    When I connect to server with Plesk, Chrome shouts at me that the connection is not secure. Fine. From Plesk-->Tools & Settings-->Security/SSL/TLS Certificates

    From that page, a helpful " + Let's Encrypt"  button. Clicking this loads a very promising page:

    "Secure Plesk With a Let's Encrypt Certificate"

    Two fields, both required: Domain Name (which is helpfully already filled in with by server hostname, in the format I've changed the server address here, but Plesk is loading the correct one for my server hostname. The other field is an email contact.


    This all seems great, and looks and follows exactly the instructions ("Securing Plesk and the Mail Server With a Certificate from Let's Encrypt") provided here:


    But when I click "Install" (step 5 in that link above), we get a red error message: Authorization for the domain failed, DNS problem: NXDOMAIN looking up A for


    Any thoughts?


    1 REPLY 1
    Getting Started

    Further adventures on this problem. I have managed to "secure" Plesk and the email server (in my case, the default installed MailEnable). My solution at present feels like a workaround and inadequate.


    To get this to work using the process above, I supposedly needed to have a resolvable domain. So I set up the A record of MyAwesomeDomain to point to my VPS server IP, and created a CNAME record I called "server" that points to the A.


    So now, in the process I describe above, I replace with


    Plesk now accepts this, and you can follow the instructions and everything works. You can now access the Plesk admin panel through https (, your email clients now recognize IMAP STARTTLS as an option for other domains on your VPS, where before only unsecured options were available.


    Except. Because you have now tied the email server on your VPS to an SSL certificate that is associated with a particular domain (the only way I could get the instructions to work!), you have what I consider to be an unacceptable problem. Other domains on your server, lets say, when they try to setup their domain (and leverage the Let'sEncrypt SSL in the usual way, which I admit works awesomely for their now-https-enabled web pages), quickly discover a serious issue. While they are able to use the email server on your VPS, and secure SSL connections are permitted with it, email clients (like Thunderbird, or the mail app on an iPhone) are going to scream during the setup process that you are attempting to secure an email account through a domain that is using another domain's certificate.


    This can't be the way things are done. Where have I gone wrong? Surely when you buy a VPS you can get working, secure SSL email behavior for the various domains on your server without all these shennanigans right out of the box?