service certificates for migrating accounts

ASK: can we have the service account cert have multiple fqdns? It'd save a headache every time we transition accounts to new servers. I'm currently moving my sites to a new server and am hoping I can go through a certificate change with my customers once now and never have to do it again. My current server hostname is vhost10.. (original, right?). Right now my cutomers have their email clients (like gmail) pointed to vhost10....:587/993/etc to read/send email. When I move their sites, they'll need to switch to the new server, in this case it's vhost12. What would be nice is if I could instead transition each client to something like ... That way in the future, when I move their site to a new server, I would just change .. to point to the new server. They'd never see the change or be asked to update their settings. The only thing is, all the service certs are tied to the hostname. So I don't know how to have the service cert include multiple FQDNs that all point to the server's IP. Is that possible?

ffeingol

March 28, 2021 18:36

It's not going to help you at all now, but with cPanel offering free Let's Encrypt certificates as well as they own, it's much easier to have your clients use mail.theirdomain.tld vs using your host name. Their domain will never change and it will have a valid cert.

dev.null

March 28, 2021 18:41

Is that true? When they connect to port 587 to send or 993/995 to receive, do those services answer with _every_ mail.* cert on the server?

March 28, 2021 22:28

As far as I know, yes. We've had our clients use mail.theirdomain.tld for a long time with no issues.

March 28, 2021 23:33

Awesome. As we transition this time I'll tell them to use mail. for all their email service endpoints. Thanks!

cPRex Jurassic Moderator

March 29, 2021 15:14

Yup - you should see the correct mail.domain.com domain name listening on the mail service by default.

service certificates for migrating accounts

Comments

Didn't find what you were looking for?