1
Re: wildcard SSL on other host domain
Question asked by Hemen Shah - 10/26/2016 at 3:22 AM
Unanswered
Hi,
 
I'm trying to force all hosts to use the primary incoming and outgoing host (*.xyz.com), which is on SSL, but when testing name@abc.com on checktls.com I get the error, or rather flagging, below. So if I want my SSL-configured domain to be used by all hosted domains for secure mailing, is the flagging below acceptable, or will it create an issue?
 
[000.500]   Cert VALIDATED: ok
[000.500]   Cert Hostname DOES NOT VERIFY (mail.abc.com != *.xyz.com)
[000.500]   (see RFC-2818 section 3.1 paragraph 4 for info on wildcard ("*") matching)
[000.500]   So email is encrypted but the host is not verified
 
Thanks

3 Replies

0
Employee Replied
Employee Post
Hemen,
 
If you're configuring the e-mail clients with, say, secure.xyz.com as the mail server address, this will not cause any errors.
 
It looks like Check TLS returned a warning since it had connected against mail.abc.com, from what I can tell; this didn't line up with the certificate passed along in the handshake for *.xyz.com.
 
If you set up Outlook with an account from ABC.com and point the mail server to secure.xyz.com with TLS\SSL, are any errors encountered?
 
0
Hemen Shah Replied
Hi Von,
I am using it for some family domains and I don't see any issue with that. This was noticed when testing it on unlocktheinbox.com and checktls.com. I don't see any issue using the secure domain as incoming and outgoing server on other domains, but with such flagging I am not sure whether it impacts the score during mail delivery.
0
Employee Replied
Employee Post
I'm pretty confident that you'll be okay and that your IP reputation will be unaffected by this as it's only a verification warning.

This will really only affect mail clients that detect the certificate mismatch and display a warning. Outbound mail will be unaffected.
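
The hostname check behind the CheckTLS warning discussed in this thread, as an added example that is not part of the original posts or of any tool named here. It is a simplified, conservative form of the RFC 2818 section 3.1 wildcard rule; the function names are hypothetical and the hostnames are the thread's placeholders.

```python
# Added example: simplified certificate hostname matching (DNS names only,
# no IP addresses). A "*" is accepted only as the whole left-most label.

def _labels(name):
    # Compare case-insensitively and ignore a trailing root dot.
    return name.rstrip(".").lower().split(".")

def pattern_matches(pattern, hostname):
    """True if one certificate name (possibly a wildcard) covers hostname."""
    p, h = _labels(pattern), _labels(hostname)
    # A wildcard stands for exactly one label, so label counts must agree.
    if len(p) != len(h) or "" in p or "" in h:
        return False
    # Everything to the right of the left-most label must match exactly.
    if p[1:] != h[1:]:
        return False
    if "*" not in p[0]:
        return p[0] == h[0]
    # Conservative choice: reject partial wildcards ("f*") and "*.tld".
    return p[0] == "*" and len(p) >= 3

def verify_host(cert_names, hostname):
    """Return the first certificate name that covers hostname, or None."""
    for name in cert_names:
        if pattern_matches(name, hostname):
            return name
    return None

def report(cert_names, hosts):
    """Map each name a client or tester connects to onto its verdict."""
    return {
        h: "verified" if verify_host(cert_names, h) else "mismatch"
        for h in hosts
    }

if __name__ == "__main__":
    # Constructed input: the wildcard certificate from the thread, checked
    # against the names a mail client or an MX lookup might connect to.
    cert = ["*.xyz.com"]
    hosts = ["secure.xyz.com", "mail.abc.com", "xyz.com", "a.b.xyz.com"]
    for host, verdict in report(cert, hosts).items():
        print(f"{host:16} {verdict}")
```

The verdict depends only on the name the connecting side used, which is why a client pointed at secure.xyz.com verifies while a test that connects to mail.abc.com reports a mismatch against the same certificate.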
