Results 1 to 4 of 4

Thread: Add second domain + SSL.

Hybrid View

  1. #1
    Join Date
    Jun 2013
    Posts
    9
    Rep Power
    2

    Default Add second domain + SSL.

    Hello!
    Sorry for my English
    But I don't understand about multidomain ssl certificates.
    For example I have installed ZCS (firstdomain.com) - all works fine with comercial SSL certificate. I can without any problem get & send my mail from Zimbra web and with any mail client help. MX for this domain mail.firstdomain.com - 88.88.88.88.

    Now I need add second domain (seconddomain.com) - MX mail.seconddomain.com 88.88.88.88. I do it from web interface. When log in to web (https:\\firstdomain.com) user@seconddomain.com and send or get mail - all right. But if I use mail client for seconddomain.com (thunderbird) - it not work.

    I need two (or more) different domains with different comercial SSL. And use for one mail.firstdomain.com for second mail.seconddomain.com.
    I hope you understand me.
    How I can resolve this issue?

    I looked it SSL certificates per domain - Zimbra :: Wiki.
    But If run
    Code:
    /opt/zimbra/libexec/zmproxyconfig -m -w -e -x both -H `zmhostname`
    I get error:
    Error: proxy mail mode both is invalid when SSL to upstream is enabled
    Code:
    $ zmprov gs `zmhostname` | grep -i mode
    zimbraBackupMode: Standard
    zimbraIPMode: ipv4
    zimbraMailMode: http
    zimbraMailReferMode: wronghost
    zimbraMailSSLClientCertMode: Disabled
    zimbraOpenidConsumerStatelessModeEnabled: TRUE
    zimbraReverseProxyClientCertMode: off
    zimbraReverseProxyImapStartTlsMode: only
    zimbraReverseProxyMailMode: http
    zimbraReverseProxyPop3StartTlsMode: only



    Thanx in advance.
    Last edited by YuraI; 06-04-2013 at 05:25 AM.

  2. #2
    Join Date
    Jun 2013
    Posts
    9
    Rep Power
    2

    Default

    I found this wiki Multiple SSL Virtual Hosts 6.0 - Zimbra :: Wiki

    mail.firstdomain.com - 88.88.88.88 - OK
    mail.seconddomain.com - 88.88.88.77 (additional IP) -
    Code:
    Jun  6 18:28:35 joyalloy postfix/submission/smtpd[10937]: warning: SASL authentication failure: Password verification failed
    Jun  6 18:28:35 joyalloy postfix/submission/smtpd[10937]: warning: unknown[46.119.129.XX]: SASL PLAIN authentication failed: authentication failure
    Jun  6 18:28:35 joyalloy postfix/submission/smtpd[10937]: warning: unknown[46.119.129.XX]: SASL LOGIN authentication failed: authentication failure
    Jun  6 18:28:40 joyalloy postfix/submission/smtpd[10937]: warning: SASL authentication failure: Password verification failed
    When I write login from mail.firstdomain.com - mail go away.

    Why?
    Please help! How i can resolve this trouble? How I can configure zimbra server to work with multiply SMTP?

    Part master.cf.in which i edited manualy.
    Code:
    #mail.firstdomain.com
    88.88.88.88:smtp      inet  n       -       n       -       -       smtpd
    	-o content_filter=scan:[%%zimbraLocalBindAddress%%]:10030
    %%uncomment LOCAL:postjournal_enabled%%	-o smtpd_proxy_filter=[%%zimbraLocalBindAddress%%]:10027
    88.88.88.88:465    inet  n       -       n       -       -       smtpd
    	-o content_filter=scan:[%%zimbraLocalBindAddress%%]:10030
    	-o smtpd_tls_wrappermode=yes 
    	-o smtpd_sasl_auth_enable=yes
    	-o smtpd_client_restrictions=
    	-o smtpd_data_restrictions=
    	-o smtpd_end_of_data_restrictions=
    	-o smtpd_helo_restrictions=
    	-o smtpd_recipient_restrictions=
    	-o smtpd_relay_restrictions=permit_sasl_authenticated,reject
    	-o syslog_name=postfix/smtps
    	-o milter_macro_daemon_name=ORIGINATING
    	-o smtpd_tls_cert_file=/opt/zimbra/conf/domaincerts/first.crt
    	-o smtpd_tls_key_file=/opt/zimbra/conf/domaincerts/first.key
    %%uncomment LOCAL:postjournal_enabled%%	-o smtpd_proxy_filter=[%%zimbraLocalBindAddress%%]:10027
    88.88.88.88:submission inet n      -       n       -       -       smtpd
    	-o content_filter=scan:[%%zimbraLocalBindAddress%%]:10030
    	-o smtpd_etrn_restrictions=reject
    	-o smtpd_sasl_auth_enable=%%zimbraMtaSaslAuthEnable%%
    	-o smtpd_tls_security_level=%%zimbraMtaTlsSecurityLevel%%
    	-o smtpd_client_restrictions=permit_sasl_authenticated,reject
    	-o smtpd_data_restrictions=
    	-o smtpd_end_of_data_restrictions=
    	-o smtpd_helo_restrictions=
    	-o smtpd_recipient_restrictions=
    	-o smtpd_relay_restrictions=permit_sasl_authenticated,reject
    	-o syslog_name=postfix/submission
    	-o milter_macro_daemon_name=ORIGINATING
    	-o smtpd_tls_cert_file=/opt/zimbra/conf/domaincerts/first.crt
    	-o smtpd_tls_key_file=/opt/zimbra/conf/domaincerts/first.key
    %%uncomment LOCAL:postjournal_enabled%%	-o smtpd_proxy_filter=[%%zimbraLocalBindAddress%%]:10027
    #mail.seconddomain.com
    88.88.88.77:smtp      inet  n       -       n       -       -       smtpd
    	-o myhostname=ja-develop.com
        -o content_filter=scan:[%%zimbraLocalBindAddress%%]:10030
    %%uncomment LOCAL:postjournal_enabled%% -o smtpd_proxy_filter=[%%zimbraLocalBindAddress%%]:10027
    88.88.88.77:465    inet  n       -       n       -       -       smtpd
        -o content_filter=scan:[%%zimbraLocalBindAddress%%]:10030
        -o smtpd_tls_wrappermode=yes
        -o smtpd_sasl_auth_enable=yes
        -o smtpd_client_restrictions=
        -o smtpd_data_restrictions=
        -o smtpd_end_of_data_restrictions=
        -o smtpd_helo_restrictions=
        -o smtpd_recipient_restrictions=
        -o smtpd_relay_restrictions=permit_sasl_authenticated,reject
        -o syslog_name=postfix/smtps
        -o milter_macro_daemon_name=ORIGINATING
        -o smtpd_tls_cert_file=/opt/zimbra/conf/domaincerts/second.crt
        -o smtpd_tls_key_file=/opt/zimbra/conf/domaincerts/second.key
    %%uncomment LOCAL:postjournal_enabled%% -o smtpd_proxy_filter=[%%zimbraLocalBindAddress%%]:10027
    88.88.88.77:submission inet n      -       n       -       -       smtpd
        -o content_filter=scan:[%%zimbraLocalBindAddress%%]:10030
        -o smtpd_etrn_restrictions=reject
        -o smtpd_sasl_auth_enable=%%zimbraMtaSaslAuthEnable%%
        -o smtpd_tls_security_level=%%zimbraMtaTlsSecurityLevel%%
        -o smtpd_client_restrictions=permit_sasl_authenticated,reject
        -o smtpd_data_restrictions=
        -o smtpd_end_of_data_restrictions=
        -o smtpd_helo_restrictions=
        -o smtpd_recipient_restrictions=
        -o smtpd_relay_restrictions=permit_sasl_authenticated,reject
        -o syslog_name=postfix/submission
        -o milter_macro_daemon_name=ORIGINATING
        -o smtpd_tls_cert_file=/opt/zimbra/conf/domaincerts/second.crt
        -o smtpd_tls_key_file=/opt/zimbra/conf/domaincerts/second.key
    %%uncomment LOCAL:postjournal_enabled%% -o smtpd_proxy_filter=[%%zimbraLocalBindAddress%%]:10027
    Last edited by YuraI; 06-06-2013 at 10:17 AM.

  3. #3
    Join Date
    Jun 2013
    Posts
    9
    Rep Power
    2

    Default

    Nobody really knows?

  4. #4
    Join Date
    Aug 2013
    Posts
    1
    Rep Power
    2

    Default

    Instead of option "-x both" I tried "-x https" and it worked for me.

    [zimbra@mailz ~]$ /opt/zimbra/libexec/zmproxyconfig -m -w -e -x https -H `zmhostname`
    [zimbra@mailz ~]$



    Quote Originally Posted by YuraI View Post
    Hello!
    Sorry for my English
    But I don't understand about multidomain ssl certificates.
    For example I have installed ZCS (firstdomain.com) - all works fine with comercial SSL certificate. I can without any problem get & send my mail from Zimbra web and with any mail client help. MX for this domain mail.firstdomain.com - 88.88.88.88.

    Now I need add second domain (seconddomain.com) - MX mail.seconddomain.com 88.88.88.88. I do it from web interface. When log in to web (https:\\firstdomain.com) user@seconddomain.com and send or get mail - all right. But if I use mail client for seconddomain.com (thunderbird) - it not work.

    I need two (or more) different domains with different comercial SSL. And use for one mail.firstdomain.com for second mail.seconddomain.com.
    I hope you understand me.
    How I can resolve this issue?

    I looked it SSL certificates per domain - Zimbra :: Wiki.
    But If run
    Code:
    /opt/zimbra/libexec/zmproxyconfig -m -w -e -x both -H `zmhostname`
    I get error:
    Error: proxy mail mode both is invalid when SSL to upstream is enabled
    Code:
    $ zmprov gs `zmhostname` | grep -i mode
    zimbraBackupMode: Standard
    zimbraIPMode: ipv4
    zimbraMailMode: http
    zimbraMailReferMode: wronghost
    zimbraMailSSLClientCertMode: Disabled
    zimbraOpenidConsumerStatelessModeEnabled: TRUE
    zimbraReverseProxyClientCertMode: off
    zimbraReverseProxyImapStartTlsMode: only
    zimbraReverseProxyMailMode: http
    zimbraReverseProxyPop3StartTlsMode: only



    Thanx in advance.

Similar Threads

  1. Replies: 0
    Last Post: 12-31-2012, 08:20 PM
  2. Replies: 2
    Last Post: 08-02-2011, 09:14 AM
  3. Replies: 1
    Last Post: 08-02-2011, 02:15 AM
  4. Replies: 0
    Last Post: 09-28-2010, 03:58 AM
  5. Replies: 7
    Last Post: 04-27-2009, 02:49 AM

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •