1 Topic by titanicx

  • titanicx
  • Member
  • Offline
  • Registered: 2013-01-19
  • Posts: 8

Topic: System name + SSL cert

==== Required information ====
- iRedMail version: 0.4.1
- Store mail accounts in which backend (LDAP/MySQL/PGSQL): PGSQL
- Web server (Apache or Nginx): Apache
- Linux/BSD distribution name and version: Ubuntu
- Related log if you're reporting an issue:
====


I want to know how I can change the SSL cert the system issues from the Sytemname.domain.com to my mail.domain.com address that is used for mail. The system name is not the same as the mail name. Where can I make that change so when my outlook clients see the cert they can verify who it is from.

----

Spider Email Archiver: On-Premises, lightweight email archiving software developed by iRedMail team. Supports Amazon S3 compatible storage and custom branding.

2 Reply by ZhangHuangbin

  • ZhangHuangbin
  • ZhangHuangbin
  • iRedMail Developers
  • Offline
  • Registered: 2009-05-06
  • Posts: 30,770

Re: System name + SSL cert

The one generated by iRedMail during installation is self-signed, you need to buy a SSL certificate to avoid this.
Check our tutorial:
http://www.iredmail.org/docs/use.a.boug … icate.html

3 Reply by schnappi

  • schnappi
  • Member
  • Offline
  • Registered: 2015-02-13
  • Posts: 153

Re: System name + SSL cert

You can also generate your own.

This command should point you in the right direction if you want to generate your own:

sudo openssl req -x509 -nodes -days 1825 -newkey rsa:4096 -keyout /etc/apache2/ssl/name.key -out /etc/apache2/ssl/name.crt

Don't be fooled by what the companies selling SSL certificates say. A self-signed certificate is just as secure. If really paranoid just check the fingerprint every time. Of course if you are in a commercial setting you probably have no choice but to buy unless you can create your own certificate authority and deploy to all machines via group policy.

4 Reply by ZhangHuangbin

  • ZhangHuangbin
  • ZhangHuangbin
  • iRedMail Developers
  • Offline
  • Registered: 2009-05-06
  • Posts: 30,770

Re: System name + SSL cert

Self-signed certification secures network connection, it's as secure as a bought ssl certificate.
The point is, with a self-signed cert, mail clients and web browsers will prompt users about this self-signed ssl certificate, this is annoying, and you may want to scare non-technical users with this annoying message. So, buy a ssl certificate if you care about this.