I'm trying to get full green marks on an old iredmail server checktls.com/TestReceiver. I have a multi-domain certificate with these domains:
- mail.domain.tld
- mailgw.domain.tld
- mailgw2.domain.tld
I do get the full green marks on mail.domain.tld, but not the others. I'm assuming this is because of mail.domain.tld being the certificate name (I've forgotten what it's called).
The warning I get on the other domains is this:
Cert Hostname DOES NOT VERIFY (mailgw.domain.tld != mail.domain.tld | DNS:mail.domain.tld)
So email is encrypted but the host is not verified
MX and A records are set for each domain. They don't share a single IP, but rather each have their own.
What do I need to do change to solve this issue? Do I need to make separate certificates for each domain?
Version information:
- Postfix 2.7.1
- Dovecot 1.2.15
- iRedMail 0.8.5
- Debian 6.0.10 (Squeeze)
I know these are old versions and I know one should upgrade (or rather migrate), but that's currently not possible for me to do.
I will supply any information needed (unless told not to by my boss).