Don Xello
Level 1 (4 points)
Servers Enterprise

Q: Server 10.10 mail

Hi,

 

we have a SSL certificate from Thawte that covers 4 domains, domain1.org, www.domain1.org, domain2.org, domain3.or

 

domain3.org shall be used for mail services.

 

When I enter this domain it tells me users may not be able to access this domain from the internet.

When I change the domain to WWW.domain3.org it gets the green point. But I can also enter asdfas.domain3.org and it becomes green.

What is this?

 

When I nevertheless remain with domain3.org and set up an email address and then add an imap account in a mail programm I get the warning that the certificate has a misname match issue. But the certificate covers domain3.org.

When I enter https://domain3.org I get the Server website with the lock, clicking on it shows me a valid certificate.

When I enter https://www.domain3.org I get a warning that the certificate is no valid - Exactly as it should be.

 

So what is the issue with mail?

 

Any ideas?

Thanks

Tristan

Mac mini, OS X Yosemite (10.10.5), 10.10.5 Server

Posted on Jun 24, 2016 6:46 AM

Close
Don Xello

Q: Server 10.10 mail

  • All replies
  • Helpful answers

  • by Linc Davis,

    Linc Davis Linc Davis Jun 24, 2016 1:01 PM in response to Don Xello
    Level 10 (207,925 points)
    Applications
    Jun 24, 2016 1:01 PM in response to Don Xello

    As far as I know, there is no RFC for using wildcard certificates to secure anything other than a web server. Trying to use it to secure a mail server may be impossible. If there is any way to do it, you would have to refer to the CA for instructions to generate a suitable CSR.