Dovecot SSL config issue
Hello,
I have just deployed a new server to replace my old server which has been running for a little over 5 years without issue!
During the change I elected to use Dovecot rather than Courier - the problem now, is that when you connect using SSL I get an SSL error:
Unable to establish a secure connection to mail.mydomain.com.
It has something to so with the self assigned SSL certificates I think - I have tried installing a Geotrust SSL, but I then get a domain mismatch error.
The Dovecot SSL is assigned to my hostname (server.myserver.com) and I'm connecting to mail using mail.mydomain.com
Is this correct, or do I need an SSL for every domain that connects to Dovecot ??
Thanks.
-
Hello :) It's normal to see the domain mismatch message if you connect to your mail server using a different hostname than what's used for the SSL certificate. The best way to avoid that message is to connect using the SSL certificate name. Thank you. 0 -
Thanks, so if I setup an SSL for mail.myserver.com and connect to mail using mail.myserver.com will that work ? EDIT: just tried the above, doesn't work - domain mismatch error again. So do I have to setup an SSL for every domain that connects ?! 0 -
[quote="tjmoore, post: 1641421">Thanks, so if I setup an SSL for mail.myserver.com and connect to mail using mail.myserver.com will that work ?EDIT: just tried the above, doesn't work - domain mismatch error again. So do I have to setup an SSL for every domain that connects ?!
The Services like : cPanel/WHM/Webmail Service Dovecot Mail Server Exim (SMTP) Server FTP Server are using the hostname of your WHM server. If you want to connect with mail.myserver.com you have to use a signed certificate for mail.myserver.com. If you have a single SSL cert it is usallly for0 -
Please keep in mind that certificates for services such as Dovecot are manged via: "WHM Home " Service Configuration " Manage Service SSL Certificates" You should not receive a domain mismatch error if you are connecting to the mail server with the SSL certificate name from the above option configured in your email client. Thank you. 0 -
Hello I have a similar issue. I don't know if I understood the answer correctly. Not every customer wants to buy an ssl certificate for their domain. But I can also understand that the customers are confused when they get a pop up warning when logging in their control Panel or webmail. To avoid these conversations with customers, we are looking for a global solution. So if I get an ssl certificate for: server.hostname.com - will the ssl Warning not appear anymore? I am kind of struggling with this. Because I saw that the company thawte has an SSL Certificate - for Webserver and in there it says: "Create a secure, private connection between a web browser and web server, including gateways, web forms, mail and FTP servers, and VPNs with up to 256-bit SSL encryption" Now I am confused, do we need a normal ssl Certificate or a Webserver Certificate for our Cpanel customer Accounts, so that they don't get the popup Browser Warning? Can someone please help me to get this issue handled? If there was a url for each cpanel Customer login link, what would this url look like? How do other hosting companies handle this issue? I hope someone can help. thank you 0 -
Your customers will need to use the hostname of the server in their email client mail settings if that's the host you purchased the SSL certificate for. However, it sounds like you may be seeking functionality that does not exist. There is a feature request open at: [url=http://features.cpanel.net/responses/ssl-certificate-per-domain-on-all-services]SSL certificate per domain on all services | cPanel Feature Requests Thank you. 0
Please sign in to leave a comment.
Comments
6 comments