When I create a new SSL certificate for a domain through DA it displays all subdomains (and mail, smtp, ftp, etc.) in a list. I put checkboxen with all of them and in a matter of minutes the domain name https://domain.com works perfectly. The problem is that mail.domain.com does not work. For some reason the certificate is not used by mail.domain.com.
When I do a test ssl-tools.net/mailservers I get:
------
The mailservers of mail.domain.com can be reached through an encrypted connection.
However, we found problems that may affect the security.
------
The error given is "Hostname Mismatch". For some reason mail.domain.com uses the certificate of the server (not the user). So for example: server.hostingprovider.com
I have checked a lot of topics but cannot find the problem.
My /usr/local/directadmin/data/users/username/domains/domain.com.san_config looks like:
[ req ]
default_bits = 4096
default_keyfile = keyfile.pem
distinguished_name = req_distinguished_name
attributes = req_attributes
prompt = no
output_password = bogus
[ req_distinguished_name ]
CN = domain.com
emailAddress = [email protected]
[ req_attributes ]
[ SAN ]
subjectAltName=DNS:ftp.domain.com, DNS:mail.domain.com, DNSop.domain.com, DNS:domain.com, DNS:smtp.domain.com, DNS:www.domain.com
What am I doing wrong?
When I do a test ssl-tools.net/mailservers I get:
------
The mailservers of mail.domain.com can be reached through an encrypted connection.
However, we found problems that may affect the security.
------
The error given is "Hostname Mismatch". For some reason mail.domain.com uses the certificate of the server (not the user). So for example: server.hostingprovider.com
I have checked a lot of topics but cannot find the problem.
My /usr/local/directadmin/data/users/username/domains/domain.com.san_config looks like:
[ req ]
default_bits = 4096
default_keyfile = keyfile.pem
distinguished_name = req_distinguished_name
attributes = req_attributes
prompt = no
output_password = bogus
[ req_distinguished_name ]
CN = domain.com
emailAddress = [email protected]
[ req_attributes ]
[ SAN ]
subjectAltName=DNS:ftp.domain.com, DNS:mail.domain.com, DNSop.domain.com, DNS:domain.com, DNS:smtp.domain.com, DNS:www.domain.com
What am I doing wrong?