Hi,
i check the forum entries for getting info the correct info to config ip:port with ssl-certificates for each domains.
But i can't get the info.
Status quo:
I have multiple domains on one hmailServer.
One domain has a ssl-certificate.
All works perfect.
Currently I have one IP set on the Server.
The current config is
0.0.0.0/465/SMTP/SSL/TLS/certificatedomain1
0.0.0.0/578/SMTP/SSL/TLS/certificatedomain1
0.0.0.0/993/IMAP/SSL/TLS/certificatedomain1
0.0.0.0/995/POP3/SSL/TLS/certificatedomain1
Questions:
Now, I want to support the other domains with ssl-certifcates.
How can I to this?
I didn't understand how to config the ip:ports?
I want to use the ssl-default ports (465, 578, 993, 995) for each domain ssl-mail-configuration.
Do I need one IP for each Domain to config all domains with ssl-default ports (465, 578, 993, 995)?
Is this way possible?
like ...
x.x.x.1/465/SMTP/SSL/TLS/certificatedomain1
x.x.x.1/578/SMTP/SSL/TLS/certificatedomain1
x.x.x.1/993/IMAP/SSL/TLS/certificatedomain1
x.x.x.1/995/POP3/SSL/TLS/certificatedomain1
x.x.x.2/465/SMTP/SSL/TLS/certificatedomain2
x.x.x.2/578/SMTP/SSL/TLS/certificatedomain2
x.x.x.2/993/IMAP/SSL/TLS/certificatedomain2
x.x.x.2/995/POP3/SSL/TLS/certificatedomain2
Or is there another way which is much easier?
config ip:port with ssl-certificates for each domains
-
- New user
- Posts: 3
- Joined: 2015-04-17 15:40
Re: config ip:port with ssl-certificates for each domains
You need to add all your SSL certificates first per Domain and assign it under Connections settings on each Domain as 2nd step.
Re: config ip:port with ssl-certificates for each domains
You can't do this (and you don't need to - see below)ibuhmailuser wrote: ↑2018-11-02 18:45Questions:
Now, I want to support the other domains with ssl-certifcates.
How can I to this?
you can have 1 SSL cert per port, but you can't have multiple SSL certs per port
What I do (and what most ISPs, including gmail and Office365 do for their hosted domains)
Set one SSL cert for your server
Set it to the name of your RDNS (or PTR) entry, also the name in the 'local host name' name in SMTP settings
lets say that is 'mail.example.com'
You then set the MX record for all hosted domains to point to this same server. Like this
Domain = domain1.com
MX record = Priority 10, mail.example.com
Domain = domain2.com
MX record = Priority 10, mail.example.com
Domain = domain3.com
MX record = Priority 10, mail.example.com
Just 'cause I link to a page and say little else doesn't mean I am not being nice.
https://www.hmailserver.com/documentation
https://www.hmailserver.com/documentation
-
- New user
- Posts: 3
- Joined: 2015-04-17 15:40
Re: config ip:port with ssl-certificates for each domains
Thanks a lot,
sorry for the late message.
Let me describe in my own words again what to do.
1. Assuming the mail server has the subdomain mail.xyz.tld (IP: x.x.x.x)
2. I uninstall the previous certificate for the particular subdomain. I install install a ssl certificate for the mail server mail.xyz.tld (IP: x.x.x.x) and configure the different ports for ssl
3. I change all mx-entries for the different domains
Domain = domainX.com
MX record = Priority 10, mail.xyz.tld
That's all!
A question:
Can users continue to use their mail setting in the email client?
The users have e.g. mail.domainX.com set as mail server in the mail client.
Or do users have to set mail.xyz.tld?
I think the users can continue to use the previous MailServer mail.domainX.com.
Cause the DNS mx points to mail.xyz.tld
sorry for the late message.
Let me describe in my own words again what to do.
1. Assuming the mail server has the subdomain mail.xyz.tld (IP: x.x.x.x)
2. I uninstall the previous certificate for the particular subdomain. I install install a ssl certificate for the mail server mail.xyz.tld (IP: x.x.x.x) and configure the different ports for ssl
3. I change all mx-entries for the different domains
Domain = domainX.com
MX record = Priority 10, mail.xyz.tld
That's all!
A question:
Can users continue to use their mail setting in the email client?
The users have e.g. mail.domainX.com set as mail server in the mail client.
Or do users have to set mail.xyz.tld?
I think the users can continue to use the previous MailServer mail.domainX.com.
Cause the DNS mx points to mail.xyz.tld
Re: config ip:port with ssl-certificates for each domains
Hi!
First of all you should check the table at the bottom of this page: https://www.hmailserver.com/documentati ... to_install
There are different ways to deal with multiple domains and certificates. Here I describe two of them:
1.
My hMailServer is hosting 2 Domains:
mail.domain1.com points to the IP (1.2.3.4) of my server.
The RDNS of 1.2.3.4 is mail.domain1.com.
I have one certificate for mail.domain1.com. This certificate is used on all ports.
All users have to use mail.domain1.com for IMAP/SMTP/POP in there clients to connect to my server.
2.
My hMailServer is hosting 2 Domains again:
mail.domain1.com and mail.domain2.com point to the IP (1.2.3.4) of my server.
The RDNS of 1.2.3.4 is mail.domain1.com (my main domain, which is also entered as local host name. Remember you can have just one RDNS per IP-address)
For the clients I have the following records:
imap.domain1.com
imap.domain2.com
smtp.domain1.com
smtp.domain2.com
pop.domain1.com
pop.domain2.com
All of them point to 1.2.3.4.
Now I could have one certificate with Subject Alternative Name, which has all subdomains (mail.domain1.com, mail.domain2.com, imap.domain1.com, imap.domain2.com, ...).
All ports would use this one certificate.
Or you make one certificate for each protocol:
Port 25: Certificate with mail.domain1.com and mail.domain2.com
Port 465 and 587: Certificate with smtp.domain1.com and smtp.domain2.com
Port 143 and 993: Certificate with imap.domain1.com and imap.domain2.com
Port 110 and 995: Certificate with pop.domain1.com and pop.domain2.com
I hope this helps understandig how this works.
First of all you should check the table at the bottom of this page: https://www.hmailserver.com/documentati ... to_install
- SMTP 25 StartTLS (Optional)
- SMTP via SSL/TLS 465 SSL/TLS
- SMTP Submission 587 StartTLS (Required)
- POP3 110 StartTLS (Required)
- POP3 via SSL/TLS 995 SSL/TLS
- IMAP 143 StartTLS (Required)
- IMAP via SSL/TLS 993 SSL/TLS
There are different ways to deal with multiple domains and certificates. Here I describe two of them:
1.
My hMailServer is hosting 2 Domains:
- domain1.com (main)
- domain2.com
mail.domain1.com points to the IP (1.2.3.4) of my server.
The RDNS of 1.2.3.4 is mail.domain1.com.
I have one certificate for mail.domain1.com. This certificate is used on all ports.
All users have to use mail.domain1.com for IMAP/SMTP/POP in there clients to connect to my server.
2.
My hMailServer is hosting 2 Domains again:
- domain1.com (main)
- domain2.com
mail.domain1.com and mail.domain2.com point to the IP (1.2.3.4) of my server.
The RDNS of 1.2.3.4 is mail.domain1.com (my main domain, which is also entered as local host name. Remember you can have just one RDNS per IP-address)
For the clients I have the following records:
imap.domain1.com
imap.domain2.com
smtp.domain1.com
smtp.domain2.com
pop.domain1.com
pop.domain2.com
All of them point to 1.2.3.4.
Now I could have one certificate with Subject Alternative Name, which has all subdomains (mail.domain1.com, mail.domain2.com, imap.domain1.com, imap.domain2.com, ...).
All ports would use this one certificate.
Or you make one certificate for each protocol:
Port 25: Certificate with mail.domain1.com and mail.domain2.com
Port 465 and 587: Certificate with smtp.domain1.com and smtp.domain2.com
Port 143 and 993: Certificate with imap.domain1.com and imap.domain2.com
Port 110 and 995: Certificate with pop.domain1.com and pop.domain2.com
I hope this helps understandig how this works.