EV certificate for serverwide webmail

Markif

Member
Nov 9, 2016
8
0
76
Toulouse
cPanel Access Level
Root Administrator
Hello

In "Manage Service SSL Certificates" there is a common certificate for "Calendar, cPanel, WebDisk, Webmail, and WHM Services"

I would like to use a standard domain-validated certificate for "Calendar, cPanel, WebDisk and WHM Services", but an "Extended Validation / green bar" for server-wide "Webmail" application (to help webmail users be aware of phishing possibilities etc...) .

The WHM webinterface does not give this possibility I'm afraid (to make a difference between the webmail and the other WHM service certificats) , but is there an indication if it is possible to put the EV-certificat for webmail somewhere on the server ?

Thanks,
Marco
 

cPanelLauren

Forums Analyst II
Staff member
Nov 14, 2017
8,126
667
263
Houston
cPanel Access Level
DataCenter Provider
You can install any certificate for the hostname in WHM>>Service Configuration>>Manage Service SSL certificates. This covers ALL WHM services including webmail. You can't install just one certificate for webmail and one for other services here though which is what I think you're asking to do. May I ask why you want to use two separate certificates?
 

Markif

Member
Nov 9, 2016
8
0
76
Toulouse
cPanel Access Level
Root Administrator
May I ask why you want to use two separate certificates?
I think EV-certificates are not available in wildcard version. So we would have to buy a multi-domain EV-certificate and buy an additional SAN for every system hostname as our clients are used to use different host-names for smtp.ourdomain.tld, pop.ourdomain.tld, imap.ourdomain.tld, webmail.ourdomain.tld
So the idea to limit the EV-certificate to only webmail.ourdomain.tld was to limit financial costs, and the "green bar" functionality of a EV-certificat is of less interest for services as SMTP, POP, IMAP etc...
 

cPanelLauren

Forums Analyst II
Staff member
Nov 14, 2017
8,126
667
263
Houston
cPanel Access Level
DataCenter Provider
Hi @Markif

What I would do in this instance would be to install the EV cert on the hostname. This means you've got all cPanel services covered, then have your users access webmail over the hostname if they don't have a certificate of their own the hostname certificate would cover them - if they do have a certificate they could still use the hostname cert or their own.