• Our team is looking to connect with folks who use email services provided by Plesk, or a premium service. If you'd like to be part of the discovery process and share your experiences, we invite you to complete this short screening survey. If your responses match the persona we are looking for, you'll receive a link to schedule a call at your convenience. We look forward to hearing from you!
  • We are looking for U.S.-based freelancer or agency working with SEO or WordPress for a quick 30-min interviews to gather feedback on XOVI, a successful German SEO tool we’re looking to launch in the U.S.
    If you qualify and participate, you’ll receive a $30 Amazon gift card as a thank-you. Please apply here. Thanks for helping shape a better SEO product for agencies!
  • The BIND DNS server has already been deprecated and removed from Plesk for Windows.
    If a Plesk for Windows server is still using BIND, the upgrade to Plesk Obsidian 18.0.70 will be unavailable until the administrator switches the DNS server to Microsoft DNS. We strongly recommend transitioning to Microsoft DNS within the next 6 weeks, before the Plesk 18.0.70 release.
  • The Horde component is removed from Plesk Installer. We recommend switching to another webmail software supported in Plesk.

Input matchup dns template (ftp) - lets encrypt

T

TomBoB

Silver Pleskian
Hi,

small suggestion for future improvement.

For yonks years now the default DNS template creates the CNAME entry for ftp.<domain> . Makes sense as it has been (still is?) the de facto standard forever for FTP access. [Yes I'm aware of other possibilities and configs]

If it's created on the one side, you might as well cover it on the other side and have lets encrypt secure it. [proftpd does support proper SNI these days :)]

Just my 2 pennies... ;-)
 
I think the problem with this is that "ftp" would need to be a storage space on the web server that can be accessed through ports 80 or 443. It would probably be a bit risky to create a kind of "virtual" domain for that, because people will start relying on it and later the Let's Encrypt group might change their policies on domain validated certificates. At least "ftp" would not only need to point to a space accessible on port 22, but also on some web space.

The idea is good, though. What you could do however is you could add a an alias "ftp" to your domain name, because then your certificate can simply include that alias. Have you tried that?
 
Peter Debik said:
What you could do however is you could add a an alias "ftp" to your domain name, because then your certificate can simply include that alias.
Click to expand...
I must admit, you lost me there. How do you create an alias subdomain for its own domain? Do you mean create a ftp subdomain? If so, not an option unfortunately.
 
I thought about hitting the "Add alias" button and enter the ftp subdomain as an alias to the main domain. That should do the trick. I have not tested it, but it should work.
 
Hi Peter, sorry for my earlier confusing answers. Got deleted.

What we forgot: even when creating the alias as you suggest, it would only secure the website side of things. It would not copy the cert for use on the FTP service - I'd have to come up with that manually / a script.
And at that point we're hitting my lack of knowledge about the exact internal workings of how Plesk handles FTP. But will make myself clever ;)
 
You must log in or register to reply here.

Similar threads

kaw.one
Question (VPS) Cloudflare, Gmail and Other Plesk Panel 8443 (2 minutes - slow read)
Replies
1
Views
2K
kaw.one
kaw.one
andreios
Issue Auto renew of wildcard cert. fails because Plesk doesn't apply DNS template changes
Replies
8
Views
3K
andreios
andreios
I
Question Problems with Email certificate renewal - seems linked to changes in SNI support
Replies
0
Views
3K
iainh
I
D
Issue Let's Encrypt cert using wrong domain name
Replies
5
Views
3K
davorg
D
B
Issue Verifying Let's Encrypt when not using root domain or DNS
Replies
0
Views
712
Brandon Turpin
B
Back
Top