Hi, can someone help me with this question ?
Our mail users connect to old server at imap.zimbraMailServer.nl and smtp.zimbraMailServer.nl (example name) to connect with imap and smtp.
I installed a new carbonio CE server and because we changed companyname I named it mail.carbonioMailServer.nl (example name)
Now I want to change the dns for imap.zimbraMailServer.nl and smtp.zimbraMailServer.nl to become a cname for mail.carbonioMailServer.nl.
I noticed virtual domain and certificates is mainly a webmail solution.
But is it possible to connect with SSL on port 587 and 993 and that mail.carbonioMailServer.nl will accept and use letsencrypt certificate for imap.zimbraMailServer.nl and smtp.zimbraMailServer.nl without error messages about the certificate name?
And if so, can someone give me a direction where to find info ?
The way is to create a new certificate with both domains on it.
I wrote a tutorial that might help you:
https://www.anahuac.eu/lets-encrypt-on-carbonio-system-root-with-acme-sh/
You may also join us in Telegram: https://t.me/CarbonioMail
Hi @anahuac,
Thanks for your help. I used to make the certificates with certbot but I have done what you described now. So certificates are created and installed but I cannot connect with the server from my outlook or iphone with SSL.
So connecting is slow and then I get the following error.
" The server you are connected to is using a security certificate that cannot be verifed. The target principal name is incorrect. "
I looked at the firewall and the nescessary ports 993, 587 etc are open. So I think there is something else wrong with the config.
have you added both domains to the certificate AND removed virtualhost from it?
That's truly odd... I have this working perfectly in many servers already...
idk what else suggest you to do.
If you get out of options and want some professional assistance let me know. I may get into your server and figure it out and fix it.
I think it is either a proxy problem because if I test my certificate at
https://www.immuniweb.com/ssl/imap.online.net/11WLWdeV/
and everything works fine. Except connecting with whatever mailclient will give the error.
I explain that in the article... certificates works on layers... I think your certificate is just on proxy and not on the Carbonio's root system... that's why it works fine with all services that uses the proxy. But that's not the case with IMAP and STMP.
I understand, but the method you provided is installing the certificate on the root system, right?
yes is it... you add both domains to the certificate and add the certificate on the root system as explained in the article. It just works.