Results 1 to 3 of 3

Thread: Seperate SSL Certs for pop/imap/smtp/web

  1. #1
    Si1entDave is offline Starter Member
    Join Date
    Jul 2006
    Posts
    1
    Rep Power
    9

    Default Seperate SSL Certs for pop/imap/smtp/web

    I'm in an environment where whilst we currently only have one Zimbra box, but we will be expanding to a multi-server setup before long. As such, we have set up DNS so that pop.zimbra.ourdomain.com, smtp.zimbra.ourdomain.com, etc all point to the same place. The plan is that at some point, these will be on different boxes with different IPs, and so we're allowing for the future expansion.

    My question is, how can I install SSL certificates so that the certs match the appropriate hostnames? The Wiki and the forum post linked below were very informative, but I can only see how to give a separate cert to the smtpd, (by having hand-placed /opt/zimbra/conf/smtpd.crt and /opt/zimbra/conf/smtpd.key) but I can't see how to do separate certs for imap, pop and web access.

    Any pointers would be wonderful, and if the answer has to be 'Nope, can't do that' then do people think I should bung it in as a feature request?

    ----
    Handy forum post: [SOLVED] Installing existing SSL certificates (solved)

  2. #2
    kirme3 is offline Trained Alumni
    Join Date
    Apr 2006
    Location
    Illinois
    Posts
    194
    Rep Power
    9

    Default Wildcard Cert

    I don't know if it's an option for you, but you could try using a wildcard cert. I've been testing it myself and have been pretty successful with SMTP/TLS(port 25), https, imap(on perdition), and pop(on perdition) using a test cert from thawte. I haven't gotten smtp over ssl(port 465) working yet, but am working with support on it.

    The wildcard cert would allow you to use any DNS name you want. If you need to change it in the future, you don't have to get a new cert. However, it also costs a little extra $$.

  3. #3
    KingPong is offline New Member
    Join Date
    Oct 2007
    Location
    Atlanta, GA
    Posts
    3
    Rep Power
    7

    Default Any update on this?

    I would also like to use separate DNS names for each service to make them easier to manage. Has anyone gotten this to work without using a wildcard certificate?

    Thanks,
    Philip

Thread Information

Users Browsing this Thread

There are currently 1 users browsing this thread. (0 members and 1 guests)

Similar Threads

  1. Installing commercial ssl on zimbra cs (network ed.)
    By keithop in forum Administrators
    Replies: 4
    Last Post: 04-28-2009, 04:16 PM
  2. Disable SSL on the Admin Port 7071
    By rasputin in forum Installation
    Replies: 2
    Last Post: 04-06-2008, 03:29 AM
  3. restoring SSL with Keytool???
    By kevindods in forum Administrators
    Replies: 1
    Last Post: 04-23-2007, 04:48 AM
  4. Help with tomcat ssl errors...
    By sgtstadanko in forum Administrators
    Replies: 4
    Last Post: 03-19-2007, 09:13 PM
  5. ssl on 3.0.1_GA_160_SuSE10
    By comptekki in forum Administrators
    Replies: 2
    Last Post: 04-03-2006, 03:06 PM

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •