Connect. Communicate. Collaborate. Securely.

Home » Kerio User Forums » Kerio Connect » SSL Certificate Trouble
  •  
keywerks

Messages: 73
Karma: -2
Send a private message to this user
Hi.

Last days we decided to request a signed certificate, because of better security. After reading the Kerio KB, we've chosen GeoTrusts QuickSSL. It seemed to be a good choice, because it isn't too expensive and the Kerio KB told us it would work without any trouble. After requesting, verifing and installing the new certificate, the main domain (let's say "domain-a.com") is now secured.

But we're hosting several domains and all of them give errors when connecting through a secured connection. I do not understand why this happens. Our new certificate should be a "multi-domain" certificate as described here.

What's going wrong?

*************************************
PHPStar - the missing gear in your web engine
Visit http://phpstar.keywerks.de
*************************************
  •  
keywerks

Messages: 73
Karma: -2
Send a private message to this user
Oh, come on. Is there nobody out there who is able to help me? Are my questions so silly?

*************************************
PHPStar - the missing gear in your web engine
Visit http://phpstar.keywerks.de
*************************************
  •  
Nixs

Messages: 159
Karma: 0
Send a private message to this user
As I understand it, you will need to purchase a QuickSSL certificate for each domain. QuickSSL is a single host on a single domain certificate.

If you had multiple sub domains under a single domain, you would have purchased a Wildcard certificate, which costs a bit more.

If you wanted to have a single certificate for multiple domain names, you would have purchased a Multi Domain Digital SSL Certificate. I don't see where GeoTrust offers this. PositiveSSL is the only one I see that offers MDC certificates, but aren't Kerio "certified."

http://www.positivessl.com/ssl-certificate-products/ssl/mult i-domain-ssl-certificate.html

You still pay per domain name protected. It's not a flat rate for unlimited domains. If you purchase 4 domains, you can get it down to $25/domain per year.


The Kerio documentation you link to doesn't match my experience. A Wildcard certificate is usually something like *.domain-a.com where any host can be covered by the certificate. But not multiple domains. A Multiple domain certificate is quite different.


Another way to go about this which can be cheaper is to purchase some non specific domain name to name your mail server. superemailserver.com for example. Get a certificate for that. Have all your domains connect to that domain name to get their e-mail, not their own name. May not be viable in your situation, but it is an option.


  •  
keywerks

Messages: 73
Karma: -2
Send a private message to this user
Hello Nixs,

thanks a lot for your information. That is exactly what I need and exactly what I fear. Kerio seems unable to give correct instructions. Now it's my turn to decide.

Thank you very much,
Wolfgang

*************************************
PHPStar - the missing gear in your web engine
Visit http://phpstar.keywerks.de
*************************************
Previous Topic: Mettings with outlook connector and outlook 2007
Next Topic: smtp failed in log
Goto Forum:
  


Disclaimer:
Kerio discussion forums are intended for open communication between forum members and may contain information and material posted by members which may be useful in learning about Kerio products. The discussion forums are not intended to provide technical support for any specific product. Any information implied or expressed in the discussion forums is that of the posting member. Kerio is in no way responsible for the information posted in the forums, or its accuracy. Kerio employees may participate in the discussions, but their postings do not represent an offical position of the company on any issues raised or discussed. Kerio reserves the right to monitor and maintain the forums to promote free and accurate exchange of information.

Current Time: Wed Nov 22 04:39:27 CET 2017

Total time taken to generate the page: 0.00365 seconds
.:: Contact :: Home ::.
Powered by: FUDforum 3.0.4.