Connect. Communicate. Collaborate. Securely.

Home » Kerio User Forums » Kerio Connect » Multiple SSL Certificates (I have two SSL certificates, but only one is used, why?)
  •  
troymurray@me.com

Messages: 5

Karma: 0
Send a private message to this user
So I have two email domains, domain1.com and domain2.com, and I have a SSL certificate for each domain installed in Kerio. If I go to domain1.com in a web browser, the one set as Active, shows the connection and certificate is good, no problems, no pop-up warning about the certificate.

If I browse to https://domain2.com, then I get a pop-up telling me that the domain doesn't match the certificate used (domain1.com SSL is being used). How do I make the domain2.com use the domain2.com SSL certificate.

--
Troy Murray
  •  
keywerks

Messages: 73
Karma: -2
Send a private message to this user
Hi,

currently KMS does not support multiple certificates nor multi-domain certs. Maybe in a future release we will be able to secure more than one domain.

Regards,
Wolfgang Neikes

*************************************
PHPStar - the missing gear in your web engine
Visit http://phpstar.keywerks.de
*************************************
  •  
troymurray@me.com

Messages: 5

Karma: 0
Send a private message to this user
That's very disappointing to say the least. I wish I would have found that documented before I purchased a second domain SSL certificate.

--
Troy Murray
  •  
rinzwind

Messages: 145
Karma: 1
Send a private message to this user
The SSL certificate is for communication with the e-mail server. So you can still use SSL with mutiple domains, as long as the FQDN (ie mail.server.nl) of the e-mail server uses a valid certificate.
  •  
troymurray@me.com

Messages: 5

Karma: 0
Send a private message to this user
Problem is, if the user goes to https://domain2.com, the domain1.com certificate is presented, and since the domain doesn't match, it looks suspicious to the user. Kind of a waste of money.

--
Troy Murray
  •  
freakinvibe

Messages: 1529
Karma: 60
Send a private message to this user
You should have purchased a "Wildcard certificate" for multiple domains as described here:

http://support.kerio.com/index.php?_m=knowledgebase&_a=v iewarticle&kbarticleid=222&nav=0,1,37

That supports multiple domains on KMS.

Dexion AG - The Blackberry Specialists in Switzerland
https://dexionag.ch
  •  
willowsv

Messages: 119
Karma: 0
Send a private message to this user
You would need two public IP Addresses (one for each domain) and the ability to map a certificate to traffic coming in on a particular IP Address.

As already said the ability to do this is not present in KMS.
  •  
gaselec

Messages: 13
Karma: 0
Send a private message to this user
I'm unable to get that link to work. Reading these threads it's not clear to me if by purchasing a suitable certificate it is possible for multiple domains to have certification from a single certificate. I do understand that only one certificate can be activated in Kerio at any one time. would be grateful for anyone who has this in use including knowing whose certificate they used.

S G Baker GAS Electronic Systems Ltd
Previous Topic: Outlook contact vcard TNEF not decoded
Next Topic: Office 2007+ koff+3 profiles=crahsHi
Goto Forum:
  


Disclaimer:
Kerio discussion forums are intended for open communication between forum members and may contain information and material posted by members which may be useful in learning about Kerio products. The discussion forums are not intended to provide technical support for any specific product. Any information implied or expressed in the discussion forums is that of the posting member. Kerio is in no way responsible for the information posted in the forums, or its accuracy. Kerio employees may participate in the discussions, but their postings do not represent an offical position of the company on any issues raised or discussed. Kerio reserves the right to monitor and maintain the forums to promote free and accurate exchange of information.

Current Time: Fri Sep 22 10:16:04 CEST 2017

Total time taken to generate the page: 0.00482 seconds
.:: Contact :: Home ::.
Powered by: FUDforum 3.0.4.