On 15/10/2012 15:34, Reindl Harald wrote:
Am 15.10.2012 15:25, schrieb Dominique:
On 15/10/2012 14:20, Wietse Venema wrote:
Dominique:
I am trying to secure the mail service we have for other domains we
have, as all mail users will not access all mail domains. We have a
certificate for the current mail server connections (TLS). Each new mail
domain should have its own certificate, no ?
You did not answer the question: why do you need per-domain SMTP
server certificates?
That is entirely separate from the question of why you need them
on a single IP address.
Wietse
Maybe there is something I dont understand, hence it seems I do not answer the
way you're expecting. If I have
various domains for various mail servers i.e. mail.domain1.com,
mail.domain2.com, mail.domain3.com do I not need a
certificate for each?
if it is the same server there is no need for "mail.domain1.com",
"mail.domain2.com"
as said this is not HTTP where the hostname matters
you even do not need any mail.domain.tld-DNS record
as said: "mail.yourdompany.com" is enough
____________
if you start with mail.domain1.com, mail.domain2.com, mail.domain3.com
you have only a lot of useless work with DNS and in this case YES
you need a matching certificate and if it is some sort of business
all these certificates have to be sigend by a CA like Thawte
which costs you a lot of money
____________
again: nobody needes different hostnames for the same mailserver
except for useless beautiful names
Thanks for the info. All those mail server domain are hosted on the same
machine - so one certificated will do. I learned something today.
Dominique
