Dear people, I have a Zimbra servrr 8.7 with multiple domains, just one SSL common certificate with a generic canonical name and just one public IP.
In SMTPD mode, my Zimbra is listening to incoming connections from Internet mail servers in TCP/25 and TCP587 ports, and offers STARTTLS to encrypt the channel with SSL/TLS. Remote servers can't validate the certificate because the canonical name doesn't match the domain name, but email anymore.
I want to offer STARTTLS on ports TCP/25 and TCP/587 for incoming emails with the corresponding SSL certificate per domain.
Please can you tell me if these options are possible:
1) Install a SNI Certificate, so I can have a valid SSL certificate per domain using just one public IP
2) Install one SSL Certificate per domain, using a virtual hostname and a virtual IP per domain
Or maybe you can give me a new option...
Also I need to know if the above options suit for STARTTLS (SSL/TLS) for incoming connections or they only suit for HTTPS connections ???
Thanks a lot and regards !!!
- Zimbra Collaboration 8.6 Patch 9 now available (includes fix for CVE-2017-8802). Read the announcement.
- Zimbra Collaboration 8.8.7 + Zimbra Connector for Outlook 8.8.7 are available.. Read the announcement.
- Are you a Zimbra Developer? You can find some interesting stuff in our Official GitHub: https://github.com/Zimbra and check the Community Projects too: https://github.com/Zimbra-Community/
SSL certificates for multiple domains with STARTTLS connections
-
robertitox
- Posts: 16
- Joined: Sun May 06, 2018 10:48 pm
Who is online
Users browsing this forum: Google [Bot] and 22 guests