Please whitelist cPanel in your adblocker so that you’re able to see our version release promotions, thanks!

The Community Forums

Interact with an entire community of cPanel & WHM users!

EV certificate for serverwide webmail

Discussion in 'Security' started by Markif, Jun 20, 2018.

  1. Markif

    Markif Member

    Joined:
    Nov 9, 2016
    Messages:
    7
    Likes Received:
    0
    Trophy Points:
    76
    Location:
    Toulouse
    cPanel Access Level:
    Root Administrator
    Hello

    In "Manage Service SSL Certificates" there is a common certificate for "Calendar, cPanel, WebDisk, Webmail, and WHM Services"

    I would like to use a standard domain-validated certificate for "Calendar, cPanel, WebDisk and WHM Services", but an "Extended Validation / green bar" for server-wide "Webmail" application (to help webmail users be aware of phishing possibilities etc...) .

    The WHM webinterface does not give this possibility I'm afraid (to make a difference between the webmail and the other WHM service certificats) , but is there an indication if it is possible to put the EV-certificat for webmail somewhere on the server ?

    Thanks,
    Marco
     
  2. cPanelLauren

    cPanelLauren Forums Analyst
    Staff Member

    Joined:
    Nov 14, 2017
    Messages:
    1,814
    Likes Received:
    133
    Trophy Points:
    118
    Location:
    Houston
    cPanel Access Level:
    DataCenter Provider
    You can install any certificate for the hostname in WHM>>Service Configuration>>Manage Service SSL certificates. This covers ALL WHM services including webmail. You can't install just one certificate for webmail and one for other services here though which is what I think you're asking to do. May I ask why you want to use two separate certificates?
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
  3. Markif

    Markif Member

    Joined:
    Nov 9, 2016
    Messages:
    7
    Likes Received:
    0
    Trophy Points:
    76
    Location:
    Toulouse
    cPanel Access Level:
    Root Administrator
    I think EV-certificates are not available in wildcard version. So we would have to buy a multi-domain EV-certificate and buy an additional SAN for every system hostname as our clients are used to use different host-names for smtp.ourdomain.tld, pop.ourdomain.tld, imap.ourdomain.tld, webmail.ourdomain.tld
    So the idea to limit the EV-certificate to only webmail.ourdomain.tld was to limit financial costs, and the "green bar" functionality of a EV-certificat is of less interest for services as SMTP, POP, IMAP etc...
     
  4. cPanelLauren

    cPanelLauren Forums Analyst
    Staff Member

    Joined:
    Nov 14, 2017
    Messages:
    1,814
    Likes Received:
    133
    Trophy Points:
    118
    Location:
    Houston
    cPanel Access Level:
    DataCenter Provider
    Hi @Markif

    What I would do in this instance would be to install the EV cert on the hostname. This means you've got all cPanel services covered, then have your users access webmail over the hostname if they don't have a certificate of their own the hostname certificate would cover them - if they do have a certificate they could still use the hostname cert or their own.
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
Loading...

Share This Page

  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.
    Dismiss Notice