Zimbra offers Open Source email server software and shared calendar for Linux and the Mac
Go Back   Zimbra :: Forums > Zimbra Collaboration Suite > Installation
Reload this Page Multiple hostnames & Multiple SSL certificates

Welcome to the Zimbra :: Forums!
Welcome, if you would like to post a comment please register. We also encourage you to explore all things Zimbra with our team and members of the community.

Reply
 
LinkBack Thread Tools Search this Thread Display Modes
  #1 (permalink)  
Old 04-23-2008, 07:56 AM
Junior Member
  
Posts: 5
Default Multiple hostnames & Multiple SSL certificates
Hi,

This is kind of a two part question but they are related:

I'm running Zimbra 5.0.5 GA Network Edition (trial)

1. I'm running a failover cluster with two nodes using DRBD. I want to use a "service name" for zimbra, so zimbra.example.com so that the config will work on both boxes. However, during the install I don't get the option to set a hostname and it uses the FQDN of the box, so server1.example.com. Is there a way to change the zimbra hostname so that it's not the same as the actual server hostname?


2. I need to use a commercial SSL certificate for zimbra.example.com. Again, when I try and run the certification wizard it generates a CSR for server1.example.com. I've looked at the wiki article on multiple certificates but don't understand whether than involves running a totally seperate apache instance, or changing the configuration of zimbra's apache? Either way I don't really need multiple certs, just one for the service/cluster name not the actual box names.


Hope that all makes sense!

Many Thanks,
Craig.
Reply With Quote
  #2 (permalink)  
Old 04-23-2008, 10:49 AM
Zimbra Employee
  
Posts: 604
Default
Craig,

Thanks for the questions. For the first question there is a place during the install to change the hostname, in fact this is exactly what the instructions say to do. Please take a closer look at the single node (1+1) cluster install guide for a step by step.

The recommendation for question 2 would be to use the subject altnames to accomplish what you are trying to do. With the current setup ZCS uses a single cert for multiple purposes, including jetty (webmail), ldap, postfix and proxy services. Although in most cases the public facing web access can use the cluster service name, many of the underlying process require the specific hostname for secure interprocess communication.
__________________
Bugzilla - Wiki - Downloads - Before posting... Search!
Reply With Quote
  #3 (permalink)  
Old 04-23-2008, 10:52 AM
Junior Member
  
Posts: 5
Default
Thanks Brian, I'll take a closer look at both of your suggesions.


Thanks for the quick reply.
Reply With Quote
  #4 (permalink)  
Old 08-11-2009, 12:02 AM
Senior Member
  
Posts: 70
Question
We also have multiple MB's on cluster and have installed cert only on one MB forr the cluster name.

But when i check the cert from console all other servers except the above mentioned MB have a different expiry earlier than the MB.
What will happen when the expiry for the MB cert is not reached while for the others it is already over.
Kindly suggest
Reply With Quote
Reply

« Previous Thread | Today's Posts or Week's Posts | Next Thread »

Thread Tools Search this Thread
Search this Thread:

Advanced Search
Display Modes
Linear Mode Linear Mode


Similar Threads

Product Information

Why Join?

Registering let's you ask questions, makes it easier to search, displays any files attached to posts, and notifies you about replies.

blog.zimbra.com


Home - Blog - Contact Us - Archive - Top


 

SEO by vBSEO ©2011, Crawlability, Inc.