1

Topic: Question about SSL certs, subdomains and multiple servers

- iRedMail version: 0.4.1
- Store mail accounts in which backend (LDAP/MySQL/PGSQL): MySQL
- Linux/BSD distribution name and version: Debian 7

So here's the thing, I have had a VPS that hosts websites for a long time, and now I'm starting to work with email so I got a new VPS and installed iRedMail.

The hostname for the iRedMail is mailserver1.mymaindomail.com. The A records for mymaindomain.com points to my webserver and the A record for mailserver1.mymaindomain.com points to the mailserver.

When I add a new domain I create a new A record mail.newdomain.com that points to the mailserver ip, and I add a mx record pointing to mail.newdomail.com.

Everything about the mail work flawlessly, however I want to add security using SSL and I'm also having some warnings from the e-mail clients (image attached):

So here are a few questions:

1. How can I get rid of the security warning, should I get SSL for every subdomain I add to de mail service or a SSL for mailserver1.mymaindomain.com would do?
2. Is this setup done the right way considering that the customer can access RoundCubeMail using their own subdomain?
3. How can I tell the e-mail clients that the smtp port is 587 and not 25 (some clients can't find it until I manually add it)?

Thanks in advance for your assistance.

Post's attachments

iredmailcert.jpg
iredmailcert.jpg 41.67 kb, file has never been downloaded. 

You don't have the permssions to download the attachments of this post.

----

Spider Email Archiver: On-Premises, lightweight email archiving software developed by iRedMail team. Supports Amazon S3 compatible storage and custom branding.

2

Re: Question about SSL certs, subdomains and multiple servers

Marco Zink wrote:

- iRedMail version: 0.4.1
- Store mail accounts in which backend (LDAP/MySQL/PGSQL): MySQL
- Linux/BSD distribution name and version: Debian 7

So here's the thing, I have had a VPS that hosts websites for a long time, and now I'm starting to work with email so I got a new VPS and installed iRedMail.

The hostname for the iRedMail is mailserver1.mymaindomail.com. The A records for mymaindomain.com points to my webserver and the A record for mailserver1.mymaindomain.com points to the mailserver.

When I add a new domain I create a new A record mail.newdomain.com that points to the mailserver ip, and I add a mx record pointing to mail.newdomail.com.

Everything about the mail work flawlessly, however I want to add security using SSL and I'm also having some warnings from the e-mail clients (image attached):

So here are a few questions:

1. How can I get rid of the security warning, should I get SSL for every subdomain I add to de mail service or a SSL for mailserver1.mymaindomain.com would do?
2. Is this setup done the right way considering that the customer can access RoundCubeMail using their own subdomain?
3. How can I tell the e-mail clients that the smtp port is 587 and not 25 (some clients can't find it until I manually add it)?

Thanks in advance for your assistance.

This is where it gets fun. For http you can have multiple ssl certificates, but with mail you can only have one per IP address and you need one certificate per domain/subdomain you will use to access the server. If each customer has their own RC subdomain I recommend having theirs redirect to your mail.domain which will have a valid ssl cert.