Using SSL on Ability Mail server

Using SSL on Ability Mail server

Postby skeating » Tue May 30, 2017 2:05 pm

Hello

I had asked this question awhile ago, but have misplaced the answer. I have an Ability Mail server, with multiple domains on it, and need to get an SSL certificate. Can I get the certificate (I'll be getting it from GoDaddy) using the server name to generate it, but have the domains on the server covered by the certificate? That way I would only need to get a single SSL, not a multi-domain one.

Thanks
Stephen Keating
skeating
 
Posts: 60
Joined: Tue Dec 15, 2015 10:00 pm

Re: Using SSL on Ability Mail server

Postby Code Crafters » Wed May 31, 2017 8:03 am

As long as everybody accesses your server using a single hostname (e.g. mail.yourdomain.com) then you can get a certificate with that single host domain as the common name for your entire Ability Mail Server. We only currently allow one certificate per service (e.g. SMTP, WebMail etc.) but would like to in the future be able to offer per domain SSL certificates. However, this is a major change so this isn't planned for any future updates at the moment.
Code Crafters
 
Posts: 933
Joined: Mon Sep 10, 2007 2:35 pm

Re: Using SSL on Ability Mail server

Postby skeating » Wed May 31, 2017 12:17 pm

So if I have three domains on the server:

Acme.com
Sky.com
Wind.com

and the MX record for each is different, instead of the one name for it, i.e. themailbox.com, then I would have to get an SSL for each? And if I have to get an SSL for one, and apply it, then the other two domains would not be able to send, correct?
skeating
 
Posts: 60
Joined: Tue Dec 15, 2015 10:00 pm

Re: Using SSL on Ability Mail server

Postby Code Crafters » Thu Jun 01, 2017 9:02 am

Other email servers will use your MX records to deliver to your domains. However, your DNS provider should allow you to use a host name as the MX record for your domains.

For example, we have our main domain codecrafters.com set up with an MX record of mail.codecrafters.com which points to our email server IP. Then we have several other domains such as code-crafters.com with an MX record of mail.codecrafters.com. So you create an MX record for one of your domains using an IP and then use this MX record domain as the MX record for other domains.

Your email cients (e.g. Outlook, WebMail) can use your main MX record to connect (e.g. mail.codecrafters.com).
Code Crafters
 
Posts: 933
Joined: Mon Sep 10, 2007 2:35 pm

Re: Using SSL on Ability Mail server

Postby skeating » Thu Jun 01, 2017 12:19 pm

Sorry if I appear dim, but just to be sure; When I create the CSR, I can use any domain name on the server (with an MX record), or only the server domain name, (which has it's own MX recored)? Since this will be the information for a SSL certificate from GoDaddy, I want to make sure I get it right.
skeating
 
Posts: 60
Joined: Tue Dec 15, 2015 10:00 pm

Re: Using SSL on Ability Mail server

Postby Code Crafters » Thu Jun 01, 2017 3:35 pm

You can use any domain that points to your mail server IP address for the certificate. But then all of your MX records must be set to this domain. Make sure that your domain provider allows domain host names for MX records first though. You should then use the same domain as your certificate common name for accessing from any clients / browsers.
Code Crafters
 
Posts: 933
Joined: Mon Sep 10, 2007 2:35 pm

Re: Using SSL on Ability Mail server

Postby skeating » Thu Jun 01, 2017 4:25 pm

So if using my above example, if I used Acme.com for the certificate, then Sky.com and Wind.com must have the same MX record as Acme.com, meaning the point to the same IP address, or that they are called the same thing. For example the MX record for Acme.com is mail.acme.com, so the MX record for Sky and Wind must also be mail.acme.com?
skeating
 
Posts: 60
Joined: Tue Dec 15, 2015 10:00 pm

Re: Using SSL on Ability Mail server

Postby Code Crafters » Fri Jun 02, 2017 1:32 pm

You should have the following DNS setup:

A record - acme.com = your website IP
A record - mail.acme.com = your Ability Mail Server IP
MX record - acme.com = mail.acme.com

A record - sky.com = your website IP
MX record - sky.com = mail.acme.com

A record - wind.com = your website IP
MX record - wind.com = mail.acme.com

SSL certificate common name = mail.acme.com

I assume these are just example domains and that you don't actually own sky.com?
Code Crafters
 
Posts: 933
Joined: Mon Sep 10, 2007 2:35 pm

Re: Using SSL on Ability Mail server

Postby skeating » Fri Jun 02, 2017 6:21 pm

Purely hypothetical. Thanks for the information
skeating
 
Posts: 60
Joined: Tue Dec 15, 2015 10:00 pm

Re: Using SSL on Ability Mail server

Postby skeating » Fri Jun 09, 2017 6:58 pm

One other question. The version of Ability I am using, 2.53, only supports 1024-bit key SSL. Is there a version that will support 2048-bit key SSL, and can I upgrade from 2.53. to that?

Thanks
skeating
 
Posts: 60
Joined: Tue Dec 15, 2015 10:00 pm

Re: Using SSL on Ability Mail server

Postby Code Crafters » Sat Jun 10, 2017 8:59 pm

Ability Mail Server 4 supports 2048 bit SSL keys.

You can download and try the latest version from http://www.codecrafters.com/AbilityMailServer/Download
You can purchase a new license from http://www.codecrafters.com/AbilityMailServer/BuyNow
Please see http://www.codecrafters.com/AbilityMail ... ateHistory for a full list of updates.

There is a Version 2 / 3 Import Tool that runs on the first run of Ability Mail Server 4 or later from the Tools page of the Settings that will migrate all of your version 2 settings and emails as well as upgrade any settings such as the WebMail options for the new WebMail front end in Ability Mail Server 4.
Code Crafters
 
Posts: 933
Joined: Mon Sep 10, 2007 2:35 pm

Re: Using SSL on Ability Mail server

Postby skeating » Mon Jun 12, 2017 12:35 pm

Which OSs will 4.2.2 run on?
skeating
 
Posts: 60
Joined: Tue Dec 15, 2015 10:00 pm

Re: Using SSL on Ability Mail server

Postby Code Crafters » Mon Jun 12, 2017 3:26 pm

Ability Mail Server 4 supports Windows 2016, 2012, 2008, 2003, 10, 8.1, 8, 7, Vista and XP.
Code Crafters
 
Posts: 933
Joined: Mon Sep 10, 2007 2:35 pm

Re: Using SSL on Ability Mail server

Postby skeating » Mon Jun 12, 2017 3:49 pm

And just to be sure, I cannot do an upgrade on the current server from 2.53, I must stand up another server, load server 4 on it, then import the settings from the current server.
skeating
 
Posts: 60
Joined: Tue Dec 15, 2015 10:00 pm

Re: Using SSL on Ability Mail server

Postby Code Crafters » Thu Jun 15, 2017 9:41 am

You can do it on the same server. Just install Ability Mail Server 4 (separate install folder "C:\Code Crafters\Ability Mail Server 4"). Then run the version 2 / 3 import tool from Ability Mail Server 4 to import your version 2 installation from the same server. This will migrate all of your emails and settings as well as adjusting settings such as the new WebMail system settings as appropriate.
Code Crafters
 
Posts: 933
Joined: Mon Sep 10, 2007 2:35 pm


Return to General

Who is online

Users browsing this forum: No registered users and 1 guest

cron