I get a SSL error with my custom URLs on my atmail cloud account.
- atmail cloud EU
- atmail cloud US-EAST
When using custom webmail domain with the atmail cloud, SSL certificate served is for *.atmailcloud.com, causing security warnings.
⚠ Please Note:
STARTTLS is NOT supported at this time.
Provide us with SSL certificates for your domain. We currently support the ability for customers to have encrypted endpoints via the use of genuine (ie non self signed) SSL certs.
If you do not currently own SSL certificates for the domain you will need to purchase them from your SSL certificate provider (eg. RapidSSL). This requires generation of a CSR (Certificate Signing Request) and private key, which can be done with the following command:
openssl req -new -newkey rsa:2048 -nodes -keyout domain.key -out domain.csr
Fill in the details at the prompts (Common Name - which is the domain you want a certificate for; Organization; Country; etc), then submit the CSR file to your SSL certificate provider.
The certificate should be in a single text file in PEM format and contain the complete chain of trust, including any intermediate certs and the root CA. This ensure that each chain is complete and self contained and does not rely on the central located CA bundle.
The PEM format sees the cert in this specific order
-----BEGIN RSA PRIVATE KEY-----⚠ Please Note:
-----END RSA PRIVATE KEY-----
The private key used to generate the CSR comes first, followed by the domain cert, followed by any intermediates cert(s), with the root CA being the final part of the chain.
To check verification
openssl verify -CAfile <domain>.pem <domain>.pem
To ensure the key matches the certification
openssl x509 –noout –modulus –in <domain>.pem | openssl md5
openssl rsa –noout –modulus –in <domain>.pem | openssl md5