Dear people, I have a Zimbra servrr 8.7 with multiple domains, just one SSL common certificate with a generic canonical name and just one public IP.
In SMTPD mode, my Zimbra is listening to incoming connections from Internet mail servers in TCP/25 and TCP587 ports, and offers STARTTLS to encrypt the channel with SSL/TLS. Remote servers can't validate the certificate because the canonical name doesn't match the domain name, but email anymore.
I want to offer STARTTLS on ports TCP/25 and TCP/587 for incoming emails with the corresponding SSL certificate per domain.
Please can you tell me if these options are possible:
1) Install a SNI Certificate, so I can have a valid SSL certificate per domain using just one public IP
2) Install one SSL Certificate per domain, using a virtual hostname and a virtual IP per domain
Or maybe you can give me a new option...
Also I need to know if the above options suit for STARTTLS (SSL/TLS) for incoming connections or they only suit for HTTPS connections ???
Thanks a lot and regards !!!
- Zimbra Collaboration 8.6 Patch 9 now available (includes fix for CVE-2017-8802). Read the announcement.
- Zimbra Collaboration 8.8.7 + Zimbra Connector for Outlook 8.8.7 are available.. Read the announcement.
- Are you a Zimbra Developer? You can find some interesting stuff in our Official GitHub: https://github.com/Zimbra and check the Community Projects too: https://github.com/Zimbra-Community/
SSL certificates for multiple domains with STARTTLS connections
-
robertitox
- Posts: 16
- Joined: Sun May 06, 2018 10:48 pm
-
pup_seba
- Outstanding Member
- Posts: 687
- Joined: Sat Sep 13, 2014 2:43 am
- Location: Tarragona - Spain
- Contact:
Re: SSL certificates for multiple domains with STARTTLS connections
Hi,
As far as I'm aware, SNI in Zimbra is only supported for https.
Regards,
As far as I'm aware, SNI in Zimbra is only supported for https.
Regards,
Who is online
Users browsing this forum: kencheng and 5 guests