Securing mail on Hosting Accounts
Hi - I have seen many threads about the new SSL features and related topics, although I did not find any that directly answer my question.
I have a server with several shared hosting accounts. Let's say the server is named server1.myhostingcompany.com. This server has an EV SSL cert installed, and that cert includes "server1.myhostingcompany.com". Thunderbird gives warnings when initially connecting to the server that legitimate organizations would not ask you to accept certs with a name different than the site you are connecting to. Fair enough.
Will the new features in version 60 allow me to secure something like mail.somehostedaccount.com? I have seen comments related to SNI, but everything (at least what I can find) indicates SNI is enabled on the server. First, is this possible? And, if it is, where can I get detailed instructions for setting it up correctly so these security warnings will cease?
TIA
-
Hello! SNI will allow you to use multiple SSL certificates on the same IP, however you will need to ensure that you also have an SSL installed that includes the domain that you are trying to secure as well. From what I understand, you are using the SSL for the server's hostname that doesn't include mail.somehostedaccount.com, which will cause the warning to show when accessing that using SSL. Installing an SSL on mail.somehostedaccount.com should resolve that. This also talks a little more about how the Domain TLS is used to manage the SSL in cPanel. What is Domain TLS - cPanel Knowledge Base - cPanel Documentation You can also use AutoSSL to automatically install SSL certificates on the domains that do not have them, including the mail subdomains, which would handle all of the setup of the SSLs and SNI for you. This talks a little more about AutoSSL if you aren't familiar with that. Manage AutoSSL - Documentation - cPanel Documentation Thanks! 0
Please sign in to leave a comment.
Comments
1 comment