Page 1 of 2 12 LastLast
Results 1 to 10 of 11

Thread: Https

  1. #1
    Join Date
    Feb 2009
    Posts
    11
    Rep Power
    6

    Default Https

    recently installed Zimbra 5.0.13 on a CentOS 5.2, we are in stage of testing, I added three different domains, what should I do to provide HTTPS for the three domains?

    achievement as a user entering (Web-Based Email :: Redirect) but not (https://webmail.dominio1.com), even I recognize the domains, but I don't have problems logging in to the management console that with https.

    I hope I have been explaining

    ***********SPANISH********************

    recientemente instalé Zimbra 5.0.13 en un CentOS 5.2, estamos en etapa de pruebas, he agregado tres dominios diferentes, que debo hacer para brindar HTTPS a los tres dominios?

    como usuario logro ingresar a (Web-Based Email :: Redirect) pero no en (https://webmail.dominio1.com), ni siquiera me reconoce el dominios, pero no tengo problemas para ingresar a la consola de administración que esta con https.

    Espero haber sido explicativo
    Last edited by monflomai; 03-09-2009 at 02:28 PM.

  2. #2
    Join Date
    Jan 2007
    Location
    New York
    Posts
    18
    Rep Power
    8

    Default

    If you search through the Wiki you should be able to find documentation that walks you through generating an SSL certificate for Zimbra to use. That should get you through your trial runs and you can always replace it later with an official vendor SSL cert.

    Buena suerte!
    Jeffrey Vargas
    Technology Director
    Time Out New York
    http://www.timeout.com/newyork/
    http://www.timeout.com/newyork/kids/
    http://www.timeout.com/chicago/



    ZCS NE 5.0.15 | Mac OS X Server (10.4.11) | 2x2.66GHz Intel Xeon/8GB RAM

  3. #3
    Join Date
    Feb 2009
    Posts
    11
    Rep Power
    6

    Default Https

    Thanks for reply.

    I use the OpenSource version, this version does not come with the SSL option for domains?

    ***********************SPANISH******************** ****

    Gracias por contestar.

    Estoy usando la versión OpenSource, está versión no viene con la opción SSL para los dominios?

  4. #4
    Join Date
    Jan 2009
    Posts
    40
    Rep Power
    6

    Default

    Hi...

    Perhaps this link helps you:

    CLI zmtlsctl to set Web Server Mode - Zimbra :: Wiki

    You have to change the configuration to "redirect" mode.

    Test it.

    Regards.

    ---------------------SPANISH--------------------

    Échale un vistazo a este link:

    CLI zmtlsctl to set Web Server Mode - Zimbra :: Wiki

    Tendrás que indicar en la configuración que quieres el modo "redirect" para que redireccione a https://

    Prueba a ver si te funciona.

    Un saludo.

  5. #5
    Join Date
    Jan 2007
    Location
    New York
    Posts
    18
    Rep Power
    8

    Default

    Quote Originally Posted by Enake View Post
    Hi...

    Perhaps this link helps you:

    CLI zmtlsctl to set Web Server Mode - Zimbra :: Wiki

    You have to change the configuration to "redirect" mode.

    Test it.

    Regards.

    ---------------------SPANISH--------------------

    Échale un vistazo a este link:

    CLI zmtlsctl to set Web Server Mode - Zimbra :: Wiki

    Tendrás que indicar en la configuración que quieres el modo "redirect" para que redireccione a https://

    Prueba a ver si te funciona.

    Un saludo.
    Make sure to choose both to allow both to work, or mixed if you want to force SSL for logins.
    Jeffrey Vargas
    Technology Director
    Time Out New York
    http://www.timeout.com/newyork/
    http://www.timeout.com/newyork/kids/
    http://www.timeout.com/chicago/



    ZCS NE 5.0.15 | Mac OS X Server (10.4.11) | 2x2.66GHz Intel Xeon/8GB RAM

  6. #6
    Join Date
    Feb 2009
    Posts
    11
    Rep Power
    6

    Default Work fine

    Thanks for the responses were very productive.
    Now, as the certificate is for mail.dominio.com, wanting to enter webmail.dominio2.com, the browser does not recognize the certificate (of course), you can only have one certificate for one domain? or we can add certificates for each domain that we add to Zimbra?

    Thanks Again

    ***************SPANISH****************************

    Gracias por las repuestas, fueron muy productivas.
    Ahora, como el certificado es para mail.dominio.com, al querer ingresar con webmail.dominio2.com, el navegador no reconoce el certificado (obviamente), sólo se puede tener un certificado para un sólo dominio? o podemos agregar certificados para cada dominio que agreguemos a zimbra?

    Gracias Nuevamente

  7. #7
    Join Date
    Jan 2007
    Location
    New York
    Posts
    18
    Rep Power
    8

    Default

    You should have your certificate made for the site which they will be accessing Zimbra through. So if it is going to be webmail.dominio2.com that your users will be navigating to over http/https to access Zimbra, that's what you should generate the certificate for.
    Jeffrey Vargas
    Technology Director
    Time Out New York
    http://www.timeout.com/newyork/
    http://www.timeout.com/newyork/kids/
    http://www.timeout.com/chicago/



    ZCS NE 5.0.15 | Mac OS X Server (10.4.11) | 2x2.66GHz Intel Xeon/8GB RAM

  8. #8
    Join Date
    Feb 2009
    Posts
    11
    Rep Power
    6

    Default

    But when having several domains: webmail.dominio.com, webmail.dominio2.com, webmail.dominio3.com, etc, the certificate will only recognize one domain, even so the navigator not been worth it if serious certifier is not guaranteed by an organization.

    This is what it happens when desire to enter with webmail.dominio2.com, to the browser (firefox) does not like.

    Code:
    webmail.dominio2.com: 443 use a nonvalid certificate of security. 
    
    One does not trust the certificate because the emitting certificate is not known. The certificate is only valid for webmail.dominio.com. 
    
    (Code of error: to sec_error_unknown_issuer)
    What happens in the case of the enterprise version, and when multiple dominions are had?

    ***********************SPANISH******************** ******

    Pero al tener varios dominios: webmail.dominio.com, webmail.dominio2.com, webmail.dominio3.com, el certificado solo reconocerá un dominio, aún así el navegador no lo valida si no está garantizado por una entidad certificadora seria.

    Esto es lo que sucede cuando deseo ingresar con webmail.dominio2.com, al navegador no le gusta.

    Code:
    webmail.dominio.com:443 usa un certificado de seguridad no válido.
    
    No se confía en el certificado porque el certificado emisor es desconocido.
    El certificado sólo es válido para <a id="cert_domain_link" title="webmail.dominio2.com">webmail.dominio2.com</a>.
    
    (Código de error: sec_error_unknown_issuer)
    Que sucede en el caso de la versión empresarial, cuando se tienen multiples dominios?

  9. #9
    Join Date
    Jan 2007
    Location
    New York
    Posts
    18
    Rep Power
    8

    Default

    Quote Originally Posted by monflomai View Post
    But when having several domains: webmail.dominio.com, webmail.dominio2.com, webmail.dominio3.com, etc, the certificate will only recognize one domain, even so the navigator not been worth it if serious certifier is not guaranteed by an organization.
    Have you tried this feature, as described here:

    Administration Console and CLI Certificate Tools - Zimbra :: Wiki

    In particular, note the section about "Self-Signed Certificate Options", which using the zmcertmgr command options below should help you create a new certificate and make it valid for all of the domains that you are looking to host.

    createcsr <self|comm> [-new] [-subject subject] [-subjectAltNames "host1,host2"]
    Jeffrey Vargas
    Technology Director
    Time Out New York
    http://www.timeout.com/newyork/
    http://www.timeout.com/newyork/kids/
    http://www.timeout.com/chicago/



    ZCS NE 5.0.15 | Mac OS X Server (10.4.11) | 2x2.66GHz Intel Xeon/8GB RAM

  10. #10
    Join Date
    Feb 2009
    Posts
    11
    Rep Power
    6

    Default problem with ie7 and ie8

    Thanks, all the commentaries have been very beneficial.

    Now I have the problem with Internet Explorer 7 and 8, I have not managed to concern the certificate, whenever access to https://webmail.dominio.com sends the warning to me, I add the certificate, I close IE, I return abrir it, and the same window of warning, so that the certificate is not added as it only happens in firefox once is enough.

    do you know some solution part the one to buy a certificate to an organization $reliable$ for Microsoft?

    ********************SPANISH*********************

    Gracias, todos los comentarios han sido muy provechosos.

    Ahora tengo el problema con Internet Explorer 7 y 8, no he logrado importar el certificado, cada vez que acceso a https://webmail.dominio.com me envía la advertencia, agrego el certificado, cierro ie, vuelvo abrirlo, y la misma ventana de advertencia, de modo que no se agrega el certificado como sucede en firefox solo una vez basta.

    Conocen alguna solución a parte la de comprar un certificado a una entidad $confiable$ para microsoft?

Similar Threads

  1. https ???
    By CatiaL in forum Administrators
    Replies: 7
    Last Post: 09-16-2009, 06:47 PM
  2. [SOLVED] 5.0 GA OSS https redirect disable
    By Jurykov in forum Administrators
    Replies: 13
    Last Post: 05-05-2008, 12:41 AM
  3. https & Newbie Question
    By swu in forum Administrators
    Replies: 5
    Last Post: 04-17-2007, 07:07 AM
  4. Replies: 2
    Last Post: 01-18-2007, 02:05 PM
  5. Changing browser access from HTTPS to Both HTTPS and HTTP
    By kelley.ch in forum Administrators
    Replies: 5
    Last Post: 09-18-2006, 11:50 PM

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •