Topic: security certificate and webmail

[mcp_dk]

When i log into my webmail via SSH i get a display that the name of the security certificate is invalid or the name doesn't match the name of the website.

When i view the certificate i see that it is issued to lillenet.lillenet.dk (my domain is lillenet.dk)
I log in via http://webmail.lillenet.dk which redirects to https://lillenet.dk/horde/

How do i fix it so the certificate matches the websites name ??

[Mumm-Ra]

There are 2 different methods.

1. You can install your current certificate on all pc's that you use.  Then, whenever you log into your webmail, you wont get the prompt anymore, but only on the pc's that the certificate has been installed on.

2. You can purchase a certificate from a root authority and install that on your server.  Then, depending on which root authority you purchase from, any pc on the internet will accept the certificate (depending on browser version).
You can purchase a certificate quite cheaply now from http://www.freessl.com or http://www.instantssl.com
They both offer a free trial for a month.
You can install a certificate from a root authority by following one of the many explanations on these forums.

[mcp_dk]

i have chosen method (1)

I have installed the certificate on the PC's where i use the webmail and it is also not expired. which means 2 of 3 requirements are Ok. It is the last one with the name of the certificate doesn't match the name of the webserver that is causing me trouble.

[Mumm-Ra]

you have to have the actual name of your server, then your domain, then /webmail in the url

for an example - when I set my server up i call it mail.  therefore when I want to use my webmail is use https://mail.<domainname>/webmail

I'm not too sure what you've done to have webmail.lillenet.dk as your url
Have you been hacking the httpd.conf templates?  If so the fragment that you've modified requires the following as the redirection https://<servername>.lillenet.dk/horde instead of https://lillenet.dk/horde/

[dzeanah]

I guess a good follow-up question would be this:

Pretend you've got an SME server running 4 domains, each of which is providing webmail over SSL.  Is there a way to install all the certificates so that each domain appears valid?

Right now https://maindomain/webmail works beautifully, but https://altdomain/webmail throws up a warning saying the site is identifying itself as maindomain rather than altdomain.

Make sense?

[Mumm-Ra]

from viewing other posts on the forums, you cannot have more than one certificate on your SME server.

[Boris]

This request was coming up so many times, that it could be item in the wish list for future versions of SME.
Having ability to assign multiple IP addresses to SME and bind apache to different IP based virtual servers with separate SSL certificates per IP.

Note to moderators: can this topic be moved to suggestions section?

[Mumm-Ra]

not a bad idea Boris

[mbachmann]

I added this to the wish-list, Boris