Back to Community Threads
1
new SM 8720 beta: where are ADDED: SNI SSL/TLS support options and settings?
Question asked by Gabriele Maoret - SERSIS - 11/17/2023 at 3:36 AM
Answered
I have installed the new SM 8720 beta, but can't find  SNI SSL/TLS support options and settings...

Where can I find them?
And also:

- is there a guide on how to configure everything?
- if there are any domain ALIAS, is there anything to do for these too?
Gabriele Maoret - Head of SysAdmins at SERSIS
Currently manages 6 SmarterMail installations (1 in the cloud for SERSIS which provides services to a few hundred third-party email domains + 5 on-premise for customers who prefer to have their mail server in-house)

11 Replies

Reply to Thread
0
Ann Kinser Replied
11/17/2023 at 7:47 AM
According to the SM 8720 beta documentation, SNI SSL/TLS support is enabled by default and can be configured in the following steps:

Go to the SSL/TLS tab in the Settings menu.
Click on the Add Certificate button to upload your SSL/TLS certificate and private key for each domain name you want to host on the same IP address.
Enter the domain name in the Server Name field and select the corresponding certificate from the Certificate dropdown menu.
Click on the Save button to apply the changes.
You can find more details and examples in the SM 8720 beta SNI SSL/TLS guide.
geometry dash subzero
0
Sabatino Replied
11/17/2023 at 8:49 AM
Sni/ssl support is in the general tab of the domain

Here you can upload the certificate with the relevant key which must be consistent with the hostname field in the options tab of the domain I imagine

So that then as an imap/smtp/pop/eas endpoint you can use hostname

I believe it doesn't affect webmail at the moment
But you must already have the certificate somewhere as a pfx on disk.
So you have to generate it somehow

I don't think we have integrated self-generation systems at the moment
Sabatino Traini
      Chief Information Officer
Genial s.r.l. 
Martinsicuro - Italy
0
Ricardo Ranieri Replied
11/17/2023 at 10:04 AM
When we try to activate Let's Encrypt on Domain we always receive the error:

Domain validation has failed. Please ensure that the hostname is accessible through HTTP from the internet.

The hostname is correct as well as the http access.
0
Sabatino Replied
11/17/2023 at 10:24 AM
Oops
Enable ACME Certificate Authority integration I missed.

Settings/General

I'll try
Sabatino Traini
      Chief Information Officer
Genial s.r.l. 
Martinsicuro - Italy
0
Roger Replied
11/17/2023 at 12:04 PM
I have the same problem. When I try to automatically generate the SSL certificate for mail.mydomain.com for a domain name under General (Let's encrypt), I get the following error message:

None of the hostnames entered can be reached via HTTP. This is a prerequisite for automatic certificate creation.
Please fix this problem or go back and upload a certificate manually instead.


The FQDN is accessible via port 80 so I don't know what this error message is for. Do I have to remove the binding of the domain in IIS first? Where can I find the documentation for this?
0
I'm not able to use the new Let'Encrypt certificate...

I have two issues:


1 - Ann Kinser  wrote:
<<<<<<<
"You can find more details and examples in the SM 8720 beta SNI SSL/TLS guide."
>>>>>>>

I can't find that guide... Can you post the link to it?



2 - Ricardo Ranieri wrote: 

<<<<<<<<<<
When we try to activate Let's Encrypt on Domain we always receive the error:

Domain validation has failed. Please ensure that the hostname is accessible through HTTP from the internet.

The hostname is correct as well as the http access.
>>>>>>>>>>>>

Same issue here...
Gabriele Maoret - Head of SysAdmins at SERSIS
Currently manages 6 SmarterMail installations (1 in the cloud for SERSIS which provides services to a few hundred third-party email domains + 5 on-premise for customers who prefer to have their mail server in-house)
0
Nouman Saeed Replied
11/19/2023 at 2:45 AM
Ricardo, did you able to solve domain validation issue?
Nomi
0
Ricardo Ranieri Replied
11/19/2023 at 4:51 AM
I couldn't do it, always the same error
1
Tim Uzzanti Replied
11/19/2023 at 7:06 PM
Employee Post Marked As Answer
We are aware there are some compatibility issues with certifytheweb and considering different solutions to work around it.
Tim Uzzanti
CEO
SmarterTools Inc.
(877) 357-6278
www.smartertools.com
0
Vivio Technologies Replied
11/21/2023 at 11:33 AM
Hi Tim, 

I am not sure if you have seen https://poshac.me/docs/v4/ maybe that might be an option to consider?  Not sure if it would work or not, but it was something we came across the other week. 

Sincerely, 

Mark Keymer
President
Vivio Technologies
0
echoDreamz Replied
11/21/2023 at 12:05 PM
https://github.com/natemcmaster/LettuceEncrypt we've used this for a few projects, it works brilliantly.
Back to Community Threads

Reply to Thread

Related Knowledge Base Articles

Set up Autodiscover for SmarterMailSmarterMail > Installation and Configuration
Configure SSL/TLS to Secure SmarterMailSmarterMail > Server Configuration and Management
Securing SmarterMail With Let's EncryptSmarterMail > Installation and Configuration
Set Up a MAPI Account in Outlook 2016 and Above for WindowsSmarterMail > Desktop and Mobile Synchronization
Troubleshooting Tips for Online MeetingsSmarterMail > Troubleshooting