Hello,
I installed Zimbra 8.8 on a CentOS 6 minimal box..
After tweaking the initial domain works 100%, lets call it mail.initaldomain.com MX record set as
MX - initialdomain.com 10 mail.initialdomain.com
A - mail.initialdomain.com 1.2.3.4
I have setup port-forwarding, TCP and UDP for all ports forwarded to 192.168.1.10. This is not my local LAN.
mail.initaldomain.com works great.. Webmail, incoming, outgoing, POP, IMAP
I added three more domains..
domain2.com
domain3.com
domain4.com
MX - domain2.com 10 mail.domain2.com
A - mail.domain2.com 1.2.3.4
MX - domain3.com 10 mail.domain2.com
CNAME - mail.domain3.com mail.domain2.com
MX - domain4.com 10 mail.domain2.com
CNAME - mail.domain4.com mail.domain2.com
Public Service Hostname: domain2.com
Virtual Hosts:
mail.domain2.com
domain2.com
Same for domains 3 and 4
I re-created the self-signed SSL certificate, adding mail.domain2.com, mail.domain3.com, and mail.domain4.com.
Using another machine I run
echo | openssl s_client -connect mail.initaldomain.com:443 | openssl x509 -noout -text | grep DNS:
It does confirm four DNS entries. I did ports 993 and 995 as well. It appears to be active to clients.
Now my problem...
When I enter https://mail.domain2.com it doesn't load..
In FireFox
Title: Problem loading page
Secure Connection Failed
The connection to the server was reset while the page was loading.
It does the same for mail.domain3.com and mail.domain4.com
If I load https://mail.initialdomain.com I can successfully login using user@domain2.com Shows the incoming messages. No issues.. Just the mail.domain2.com URL doesn't work.
I've been stuck on this for two days now.. Every search result shows adding the domain with the same Public Service Hostame, adding the Virtual Hosts, and it should be good..
None mention the SSL cert regeneration and/or adding the SANs..
After I get this working, I plan to switch to real certificates from Let's Encrypt.
But please.. What am I missing, I am sure it is something simple but I can not find the answer..
Thank you for your time,
Kevin
[Solved]Webmail for Alternate Domains Not Loading
[Solved]Webmail for Alternate Domains Not Loading
Last edited by kevinds on Sat Dec 30, 2017 6:49 am, edited 2 times in total.
- L. Mark Stone
- Ambassador
- Posts: 2802
- Joined: Wed Oct 09, 2013 11:35 am
- Location: Portland, Maine, US
- ZCS/ZD Version: 10.0.7 Network Edition
- Contact:
Re: Webmail for Alternate Domains Not Loading
If the domain part of the FQDN of your Zimbra server is not a domain actually hosted on your Zimbra server, you'll need to add a Virtual Hostname to the email domain's configuration.
This is due to a change in Nginx's config in 8.8.5. See https://bugzilla.zimbra.com/show_bug.cgi?id=108299 for more info.
Hope that helps,
Mark
P.S. Allegedly 8.8.6 will contain a new globalconfig(?) variable to control whether to revert this behavior to previous versions of Zimbra. If you follow all the links you'll see there are security as well as ease of use implications regarding this.
This is due to a change in Nginx's config in 8.8.5. See https://bugzilla.zimbra.com/show_bug.cgi?id=108299 for more info.
Hope that helps,
Mark
P.S. Allegedly 8.8.6 will contain a new globalconfig(?) variable to control whether to revert this behavior to previous versions of Zimbra. If you follow all the links you'll see there are security as well as ease of use implications regarding this.
___________________________________
L. Mark Stone
Mission Critical Email - Zimbra VAR/BSP/Training Partner https://www.missioncriticalemail.com/
AWS Certified Solutions Architect-Associate
L. Mark Stone
Mission Critical Email - Zimbra VAR/BSP/Training Partner https://www.missioncriticalemail.com/
AWS Certified Solutions Architect-Associate
Re: Webmail for Alternate Domains Not Loading
If the domain part of the FQDN of your Zimbra server is not a domain actually hosted on your Zimbra server, you'll need to add a Virtual Hostname to the email domain's configuration.L. Mark Stone wrote:If the domain part of the FQDN of your Zimbra server is not a domain actually hosted on your Zimbra server, you'll need to add a Virtual Hostname to the email domain's configuration.
This is due to a change in Nginx's config in 8.8.5. See https://bugzilla.zimbra.com/show_bug.cgi?id=108299 for more info.
Hope that helps,
Mark
P.S. Allegedly 8.8.6 will contain a new globalconfig(?) variable to control whether to revert this behavior to previous versions of Zimbra. If you follow all the links you'll see there are security as well as ease of use implications regarding this.
It is..
These are all unique registered domains, that this Zimbra server does mail for.
Also not sure why the guy who submitted the bug report is using NAT to other publicly routed IPs addresses..
initialdomain.com
domain2.com
domain3.com
domain4.com
This Zimbra server handles the mail for, with mail. as the subdomain to reference the server.
Unlike the bug report.. My initialdomain.com works without issue, the three alternate domains do not load the webmail sign-in page.
Side question about the forum.. How did this get marked solved?
Re: Webmail for Alternate Domains Not Loading
Yes, I already did that...L. Mark Stone wrote:If the domain part of the FQDN of your Zimbra server is not a domain actually hosted on your Zimbra server, you'll need to add a Virtual Hostname to the email domain's configurationuse implications regarding this.
Re: Webmail for Alternate Domains Not Loading
Alright,
I figured it out..
Need to add the server name, in my case mail.initialdomain.com to the virtualHosts of domains domain2.com, domain3.com, and domain4.com.
This is backwards from what the virtualHosts says in the yellow tip-box above it. Also backwards from virtualHosts in general..
"Any user that logs in while using a URL with one of the hostnames below will be assumed to be in this domain, domain2.com."
Someone using mail.initialdomain.com should not be assumed to be a user of domain2.com.. Same for domain3.com and domain4.com
How do I get out of mod-jail? I can't even see my posts to edit them..
I figured it out..
Need to add the server name, in my case mail.initialdomain.com to the virtualHosts of domains domain2.com, domain3.com, and domain4.com.
This is backwards from what the virtualHosts says in the yellow tip-box above it. Also backwards from virtualHosts in general..
"Any user that logs in while using a URL with one of the hostnames below will be assumed to be in this domain, domain2.com."
Someone using mail.initialdomain.com should not be assumed to be a user of domain2.com.. Same for domain3.com and domain4.com
How do I get out of mod-jail? I can't even see my posts to edit them..