Droidism20011

Member
Jul 20, 2017
23
10
3
Amsterdam
cPanel Access Level
Root Administrator
Hi,

After configuring WHM/cPanel I see that the auto SSL feature generates TLS certificates for mail.domain.ext, domain.ext and www.domain.ext.

My initial thought was that WHM/cPanel will use the mail.domain.ext as a subdomain for the native webmail UI/UX, thus enabling customers to open their webmail via this uri.

After testing my assumption I noticed that entering mail.domain.ext simply redirects to domain.ext.

Does anyone know why this happens and at the same time cares to elaborate what/why out-of-the-box WHM/cPanel adds these domains to the auto generated TLS certs. and what the exact purpose for mail.domain.ext is/should be?

I have tried to RTFM and browsed the cPanel Forum for an answer, but have not been able to find one that resonates with me. Maybe I am experiencing a bad case of cognitive dissonance, caused by information overload and my unfamiliarity of the finer details and inner workings of WHM/cPanel.

Any help is appreciated!

Kindly,

W.
 

Droidism20011

Member
Jul 20, 2017
23
10
3
Amsterdam
cPanel Access Level
Root Administrator
After some further reading in the cPanel docs and a couple of other forum posts I have learned that mail.example.ext is used to create valid tls certs. for email connections. This was done to avoid the invalid tls connection warning when you added an email account to your favorite email client.

I also learned that in order to acces the webmail one can use domain.ext/webmail in the browser and login to view the email for a particular account.

Remains the question on how to not show the website contents of domain.ext under the mail.domain.ext uri (to prevent duplicate content indexing by the search engines and other SEO/SEM related issues.)
 

cPanelMichael

Technical Support Community Manager
Staff member
Apr 11, 2011
47,911
2,234
363
cPanel Access Level
DataCenter Provider
Twitter

Droidism20011

Member
Jul 20, 2017
23
10
3
Amsterdam
cPanel Access Level
Root Administrator
Hi @cPanelMichael

Thanks again for the links and help.

After reading you answer in
Mail Subdomain added as alias to main domain in httpd.conf
I would like to know if this implies that when a now valid TLS cert. expires, auto ssl would not generate a new valid cert. for mail.domain.ext. Is this true or does my reading comprehension lack in this department?
 

cPanelMichael

Technical Support Community Manager
Staff member
Apr 11, 2011
47,911
2,234
363
cPanel Access Level
DataCenter Provider
Twitter
Hello,

That's correct. As a workaround, you could manually remove the serveralias entry for mail from the Apache configuration using the instructions on the following post:

Mail Subdomain added as alias to main domain in httpd.conf

Then, remove the DNS entry for "mail" from this domain name using "WHM >> Edit DNS Zone", and add "mail.domain.tld" as a subdomain to the cPanel account using the "Subdomains" option. Once you do this, AutoSSL should still work for the mail subdomain, and you can upload a custom index page to display the content you prefer to load when someone opens "mail.domain.tld" in their web browser.

Thank you.
 
  • Like
Reactions: Droidism20011

Droidism20011

Member
Jul 20, 2017
23
10
3
Amsterdam
cPanel Access Level
Root Administrator
Hi @cPanelMichael Thanks for this creative solution.

Very clever and a nice way to add a extra landingpage for a value proposition, at the same time making sure that the mail.domain.ext keeps its valid tls cert., so we can actually email the new sign-ups we just converted via this page.

Love it!

Again, have a great day!

W.
 
  • Like
Reactions: cPanelMichael