Multiple SSL + Domain names
Results 1 to 9 of 9

Thread: Multiple SSL + Domain names

  1. #1
    Member ZeXtras Reseller
    Participant

    Join Date
    Nov 2012
    Posts
    47

    Multiple SSL + Domain names

    Hi,

    I have a main zimbra server hostname -> zimbraxxx.domain.com, for which i got an ssl and installed it on zimbra successfully.

    Now i am adding more domains to the server, and want to add / buy SSL for those domains as well. How can i do so ?

    Thanks

  2. #2
    Active Member
    Join Date
    Oct 2012
    Posts
    18
    In the admin console (Zimbra OSS 8.0.1) under domain configuration you should find a certificate section, where you can specify a different certificate and corresponding private key for each.
    Not sure if this works for the web server or for SMTP only, but its worth a try (or look it up in the documentation). Otherwise you should be able to achieve this with a reverse proxy.
    Anyway, browsers and server of course need support for TLS Server Name Indication.

  3. #3
    CTO ZeXtras Employee d0s0n's Avatar
    Join Date
    Apr 2011
    Posts
    565
    Hi Anandi,
    I suggest you investigate about Multiple domain names (Subject Alternative Names) in the SSL certificate, so you can install a single crt valid for more domain names

    My2c.

    D0s0n
    ZeXtras Website # ZeXtras Wiki # ZeXtras Store

    Head of ZeXtras System Administrators

  4. #4
    Member ZeXtras Reseller
    Participant

    Join Date
    Nov 2012
    Posts
    47
    Hi D0s0n,

    I am not trying to install a single certificate for multiple domains. Here is what i want to do:

    1. zimbrahost1.domain.com: Bought and installed geotrust certificate for this domain inside zimbra, working
    2. mail.domain.com: Want to install this on zimbra as well. Will buy a new SSL.
    3. webmail.domain.com: Want to install this on zimbra as well. Will buy a new SSL.
    4. mail.domain2.com: Want to install this on zimbra as well. Will buy a new SSL.
    5. webmail.domain2.com: Want to install this on zimbra as well. Will buy a new SSL.

    So basically i want to install multiple SSL for multiple domains, this way when users access the zimbra interface with their url, it won't throw them an SSL error.

    Please let me know if its possible.

    Thanks

  5. #5
    Member ZeXtras Reseller
    Participant

    Join Date
    Nov 2012
    Posts
    47
    Hi,

    Quote Originally Posted by vinzenz View Post
    In the admin console (Zimbra OSS 8.0.1) under domain configuration you should find a certificate section, where you can specify a different certificate and corresponding private key for each.
    Not sure if this works for the web server or for SMTP only, but its worth a try (or look it up in the documentation). Otherwise you should be able to achieve this with a reverse proxy.
    Anyway, browsers and server of course need support for TLS Server Name Indication.
    The problem is that the web interface of zimbra for ssl part is completely broken throws all sorts of errors when trying to generate csr etc. Will still check.

    Thanks

  6. #6
    CTO ZeXtras Employee d0s0n's Avatar
    Join Date
    Apr 2011
    Posts
    565
    Sorry anandi, but I don't think that function is broken, only there are some requirements that are somewhat complex to activate (ie. the package zimbra-proxy and multiple ip addresses), so I prefer to buy a multiple domain names SSL certificate that can be modified for every new domain added to the server.

    This is my humble opinion on the matter, do your own evaluations.

    D0s0n
    ZeXtras Website # ZeXtras Wiki # ZeXtras Store

    Head of ZeXtras System Administrators

  7. #7
    Member ZeXtras Reseller
    Participant

    Join Date
    Nov 2012
    Posts
    47
    Hi D0s0n,

    Thanks for the reply. Can i use the installer shell script to install the proxy later on ? And how to configure the same ? Any links for documentation. Since these domains are different, i cannot use a wildcard ssl. Apart from that i haven't come across any ssl which will allow you to use a single certificate for multiple domains (NOT sub-domains).

    Thanks

  8. #8
    CTO ZeXtras Employee d0s0n's Avatar
    Join Date
    Apr 2011
    Posts
    565
    I never done that... but follow my suggestion: search for ucc certificate.

    D0s0n
    ZeXtras Website # ZeXtras Wiki # ZeXtras Store

    Head of ZeXtras System Administrators

  9. #9
    Junior Member
    Join Date
    Jan 2013
    Posts
    1
    Quote Originally Posted by anandi View Post
    Hi,

    I have a main zimbra server hostname -> zimbraxxx.domain.com, for which i got an ssl and installed it on zimbra successfully.

    Now i am adding more domains to the server, and want to add / buy SSL for those domains as well. How can i do so ?

    Thanks
    As far as i know, There are such types of ssl certificate that can be issued for various uses

    1). domain validation ssl, business validation ssl, extended validation ssl secure single domains.
    2). wildcard ssl secure your primary domain plus multiple subdomains
    example
    domain.com
    one.domain.com
    two.domains.com
    3). multi domains ssl secure your primary domain plus multiple additional domains
    example
    domains.com
    clickssl.com
    yourdomain.com

    * If you buy multi domain ssl then you don't requre to dedicated ip you can secure all domans on single server*

    In your case you need to buy multi domain ssl

    For your more information; who provide multi domian or UCC/SAN ssl certificate?

    GeoTrust
    DigiCert
    GlobalSign
    Last edited by Kemshybabe; 02-06-2013 at 06:28 AM.

Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •