Dear people, I have a Zimbra servrr 8.7 with multiple domains, just one SSL common certificate with a generic canonical name and just one public IP.
In SMTPD mode, my Zimbra is listening to incoming connections from Internet mail servers in TCP/25 and TCP587 ports, and offers STARTTLS to encrypt the channel with SSL/TLS. Remote servers can't validate the certificate because the canonical name doesn't match the domain name, but email anymore.
I want to offer STARTTLS on ports TCP/25 and TCP/587 for incoming emails with the corresponding SSL certificate per domain.
Please can you tell me if these options are possible:
1) Install a SNI Certificate, so I can have a valid SSL certificate per domain using just one public IP
2) Install one SSL Certificate per domain, using a virtual hostname and a virtual IP per domain
Or maybe you can give me a new option...
Also I need to know if the above options suit for STARTTLS (SSL/TLS) for incoming connections or they only suit for HTTPS connections ???
Thanks a lot and regards !!!
- Zimbra Collaboration 8.6 Patch 9 now available (includes fix for CVE-2017-8802). Read the announcement.
- Zimbra Collaboration 8.8.7 + Zimbra Connector for Outlook 8.8.7 are available.. Read the announcement.
- Are you a Zimbra Developer? You can find some interesting stuff in our Official GitHub: https://github.com/Zimbra and check the Community Projects too: https://github.com/Zimbra-Community/
Discuss your pilot or production implementation with other Zimbra admins or our engineers.
1 post • Page 1 of 1
Who is online
Users browsing this forum: No registered users and 20 guests