Multiple Commercial SSL Certs

[nrgyz]

Hi,

Is it possible to install more than one SSL certificate on a Zimbra server? I mean I want both new-imap.mydomain.com and old-imap.mydomain.com (BOTH pointing to the same ip) being used. I own the certificates for these two subdomains. One certificate is installed correctly (new-imap.mydomain.com) but it complains when installing the second one using the certificate wizard

Message: invalid request: Server with id old-imap.mydomain.com could not be found Error code: service.INVALID_REQUEST Method: GetCSRRequest Details:soap:Sender

TIA

edit: Wildcard Cert is not a solution!

[mmorse]

At the moment no, you can't use multiple certs for ldap/mailboxd/mta/proxy: Bug 8128 - multiple SSL certificates on one server
Some people use this method if they need to keep existing certs intact: Multiple SSL Virtual Hosts - Zimbra :: Wiki

Quote:

Originally Posted by nrgyz

edit: Wildcard Cert is not a solution!

Totally understandable, however what your describing could be solved with a subjectAltName, if your ok with generating a new certificate that is. The -subjectAltNames argument allows you to specify additional hosts that may use the certificate other than the one listed in the subject: Administration Console and CLI Certificate Tools - Zimbra :: Wiki

Fixed in 5.0.10: Bug 30598 - subjectAltName doesn't work correctly using zmcertmgr

(Might also set the old-imap.mydomain.com under admin console > domain > virtual host tab.)

[nrgyz]

Hi mmorse,

I'll take a look at those suggestions you gave me. I need to make sure that my certificate authority (GoDaddy) will accept a subjectAltName.

Thanks for your quick reply!

[Artturi]

Hello,

It would have been possible to tweak perdition's config file to point to dedicated certificates for pop3s and imaps, but how about nginx one ?

Regards,

Artturi