Moving servers - email certificate problem

sp3ctre69

Well-Known Member
Aug 14, 2006
105
3
168
Hi,

I have a number of servers running cPanel, and tend to add new accounts to the newer servers. Over time customers drop off the older hardware, leaving only a few accounts on them. At this point the server is no longer viable, and I either need to migrate them to a VPS server or onto the newer hardware.

The problem is, when the customers setup their account they have 2 options for their server details in their email client, either enter their domain name and accept a certificate valid request or enter the hostname of the server they are on.

As I see it there are down sides to either one. In the case of using their domain name they will get certificate not trusted warning once the account is moved. This confuses customers no end. On the flip side if they enter the hostname of the server that is even worse as you are then relying on the client being able to update their details... 9 times out of 10 they will forget to update SMTP and end up getting locked out by cphulk. Either way, it's a headache.

So, I was just wondering how people manage this situation, as I guess it must be fairly common for people with a few servers, who add new ones every now and then.
 

cPanelMichael

Administrator
Staff member
Apr 11, 2011
47,910
2,215
363
As I see it there are down sides to either one. In the case of using their domain name they will get certificate not trusted warning once the account is moved. This confuses customers no end. On the flip side if they enter the hostname of the server that is even worse as you are then relying on the client being able to update their details... 9 times out of 10 they will forget to update SMTP and end up getting locked out by cphulk. Either way, it's a headache.
Hello,

The following blog post offers some information on new features that should help address this concern going forward:

https://blog.cpanel.com/the-cpanel-market-provider-and-free-hostname-ssls/

Support for "Let's Encrypt" should make this issue more manageable, as "Mail SNI" is already supported. You can follow the progress on added support for "Let's Encrpyt" at:

https://features.cpanel.net/topic/p...-encrypt-automated-certificate-management-ssl

Thank you.