Results 1 to 3 of 3

Thread: Seperate SSL Certs for pop/imap/smtp/web

  1. #1
    Join Date
    Jul 2006
    Rep Power

    Default Seperate SSL Certs for pop/imap/smtp/web

    I'm in an environment where whilst we currently only have one Zimbra box, but we will be expanding to a multi-server setup before long. As such, we have set up DNS so that,, etc all point to the same place. The plan is that at some point, these will be on different boxes with different IPs, and so we're allowing for the future expansion.

    My question is, how can I install SSL certificates so that the certs match the appropriate hostnames? The Wiki and the forum post linked below were very informative, but I can only see how to give a separate cert to the smtpd, (by having hand-placed /opt/zimbra/conf/smtpd.crt and /opt/zimbra/conf/smtpd.key) but I can't see how to do separate certs for imap, pop and web access.

    Any pointers would be wonderful, and if the answer has to be 'Nope, can't do that' then do people think I should bung it in as a feature request?

    Handy forum post:

  2. #2
    Join Date
    Apr 2006
    Rep Power

    Default Wildcard Cert

    I don't know if it's an option for you, but you could try using a wildcard cert. I've been testing it myself and have been pretty successful with SMTP/TLS(port 25), https, imap(on perdition), and pop(on perdition) using a test cert from thawte. I haven't gotten smtp over ssl(port 465) working yet, but am working with support on it.

    The wildcard cert would allow you to use any DNS name you want. If you need to change it in the future, you don't have to get a new cert. However, it also costs a little extra $$.

  3. #3
    Join Date
    Oct 2007
    Atlanta, GA
    Rep Power

    Default Any update on this?

    I would also like to use separate DNS names for each service to make them easier to manage. Has anyone gotten this to work without using a wildcard certificate?


Similar Threads

  1. Installing commercial ssl on zimbra cs (network ed.)
    By keithop in forum Administrators
    Replies: 4
    Last Post: 04-28-2009, 04:16 PM
  2. Disable SSL on the Admin Port 7071
    By rasputin in forum Installation
    Replies: 2
    Last Post: 04-06-2008, 03:29 AM
  3. restoring SSL with Keytool???
    By kevindods in forum Administrators
    Replies: 1
    Last Post: 04-23-2007, 04:48 AM
  4. Help with tomcat ssl errors...
    By sgtstadanko in forum Administrators
    Replies: 4
    Last Post: 03-19-2007, 09:13 PM
  5. ssl on 3.0.1_GA_160_SuSE10
    By comptekki in forum Administrators
    Replies: 2
    Last Post: 04-03-2006, 03:06 PM

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts