Author Topic: SSL Certificate for e-mail: do I need wildcard?  (Read 1548 times)

Offline VincentAuer

  • Newbie
  • *
  • Posts: 1
SSL Certificate for e-mail: do I need wildcard?
« on: November 22, 2015, 08:43:11 AM »
Hi there,
I would like to use a SSL Certificate so my customers can securely connect with my mailserver (instead of a self-signed certificate like now).
The mailserver is also webserver, and listens to a FQDN like: server.example.com.
The mailserver I provide my clients is mail.example.com (which points to the IP of server.example.com with a DNS A-Record)

My question is now: if I take a single SSL-certificate (so no wildcard) for server.example.com, will this be enough to also secure mail.example.com (as the FQDN of the server is server.example.com and this will have a valid SSL) or do I need a wildcard certificate for *.example.com because the mail-clients are being told to connect to mail.example.com?
Or, if you like, the actual question is: for SMTP (not HTTP!) do I need a SSL-certificate for the hostname that is configured in the mail-client or is it sufficient to have a SSL-Certificate for the FQDN of the server (which is also what the server sends (EHLO))

Thanks in advance, tried for ages to find out but couldn't find something really answering my question until now.
« Last Edit: November 22, 2015, 09:32:41 AM by VincentAuer »

Offline MilesWeb

  • Newbie
  • *
  • Posts: 5
Re: SSL Certificate for e-mail: do I need wildcard?
« Reply #1 on: November 25, 2015, 05:29:17 AM »
SSL is host based if you take SSL for server.example.com then it will only secure server.example.com
You will have to take a separate SSL for mail.example.com
If you buy Wildcard SSL then it will work for *.example.com

 

Free Endpoint Protection
Seo4Smf 2.0 © SmfMod.Com Smf Destek