Subdomain Certificate on SMTP Server

Question

So I have an SSL certificate specifically for my mail. subdomain, and a separate certificate for my root domain.

Obviously, I don't want emails to be sent or received looking like user@mail.mydomain.com, I'd prefer user@mydomain.com. Will it cause any issues if I use the mail. certificate with Dovecot or should I use my root certificate?

All subdomains are actually handled by one server.

score 3 · Accepted Answer · answered Aug 06 '17 at 12:46

3

The common name of the mailserver must match the used domain of the mailserver. The certificate is independent of the domains handled of the mailserver.

In your case, you don't need to do anything.

The clients connect to the mailserver by resolving the domain, then they check the common name of the certificate against the previously used domain.

For sending servers, the used domain is the one in the MX record
For clients (MUAs), the use the configured domain in their settings.

answered Aug 06 '17 at 12:46

sebix

4,313
2
29
47

Okay, so if I put the MX record as `mail.` I can send and receive emails as `@mydomain.com` but I should use the `mail.` SSL certificate? – ScottishTapWater Aug 06 '17 at 12:54
1

@JamesHughes yes – sebix Aug 06 '17 at 13:00

Subdomain Certificate on SMTP Server

1 Answers1