Mail subdomain SSL certificate mismatch  [SOLVED]

Locked
Eoler
Posts: 17
Joined: Tue 2. Jul 2019, 01:20

Mail subdomain SSL certificate mismatch

Post by Eoler »

Ciao,
enjoying this great piece of management software for migrating PHP-served domain configurations,
but having problems with e-mail serving setup - external clients throw SSL mismatch errors on POP3
connections to mail.<domain.tld> server endpoint. There are many already configured e-mail clients
out there so I'm searching for a workaround to preserve existing configuration without the need to
contact my users (hopeful because of "If available, you can use, your own SSL/TLS protected domain
as well" comment in Email Addresses/Connection Data info popup).
User avatar
Martin
Posts: 984
Joined: Wed 20. Jan 2016, 00:43

Re: Mail subdomain SSL certificate mismatch

Post by Martin »

Hello,

you would need a manual generated SAN certificate to cover mail.domain.tld here. Let's Encrypt certificate for maildaemon is for the servers hostname.
Viele Grüße,
Martin
Eoler
Posts: 17
Joined: Tue 2. Jul 2019, 01:20

Re: Mail subdomain SSL certificate mismatch

Post by Eoler »

Martin wrote: Mon 19. Aug 2019, 23:19 you would need a manual generated SAN certificate to cover mail.domain.tld here. Let's Encrypt certificate for maildaemon is for the servers hostname.
So no autorenewing after certificate expiry? That's not ideal.
How about creating mail.domain.tld as subdomain, would that make it's LE certificate usable for mailing?
User avatar
Martin
Posts: 984
Joined: Wed 20. Jan 2016, 00:43

Re: Mail subdomain SSL certificate mismatch  [SOLVED]

Post by Martin »

Hello,

Let's Encrypt certificate for Postfix/Dovecot is currently only supported for hostname of the server itself.
Viele Grüße,
Martin
Locked