The behaviour we want is for a user to be able to type the server's FQDN in a browser (which means http initially), get redirected to an https login screen, and then stay https thereafter.
Right now, the only way to have an https-only session for some users and still have http work for others is to ask the https users to use a predefined shortcut, e.g.:
That's a real detriment for deploying Zimbra for secure email usage.
Non-technical users don't type "http.." in a browser, they type the FQDN of the Zimbra server only. Indeed, they resent having to type "htt..." and often incorrectly type (or forget to type) the colon and slashes.
Here is the use case I would like:
1. User types the FQDN of the Zimbra server in a browser.
2. Zimbra redirects the login screen to an https session to ensure the login credentials are encrypted when transmitted.
3. After a successful login, the session remains https, so all email traffic is also encrypted.
After speaking with Zimbra support after first installing 4.0.3NE and trying all of the zmtlsctl options, the above use case to my knowledge is not available in Zimbra.
If I'm wrong, apologies first, and then a request as to how I can correctly use the zmtlsctl command.
It seems to have been around since 3.1.1, which probably explains why support knew about it when I asked originally. I just voted for it and I'll call support tomorrow as you suggested to raise a more formal case regarding it.
Thanks for the help to get more attention focused on this bug.
All the best,