Certificate Question - Best practices
Zimbra is working pretty well except for one issue. We run the server in a DMZ and it's name is internal to our network (zimbra.mydomain.com) but externally we want users to access it as mail.mydomain.com. When they connect with either the web client or via a local client the get a message saying there is a certificate name mismatch
"you are connecting to mail.mydomain.com but the certificate is for zimbra.mydomain.com..."
My users are complaining about it because it happens every time they connect.
I've tried changing the name in /etc/hosts and the hostname but the cert is still wrong. I did manage at one point to get the certificate correct by changing every instance of the name in the /opt/zimbra/conf files. I got a good login screen with no message - but it blew-up on ling because of an ldap change. I had to backout all the changes to get the system working again.
Can anyone advise me how to do this correctly. I can't be the only one running it this way.