On 1/6/2011 11:11 AM, Chuck Tetlow wrote:
>
> I've been giving this a bit more thought. Our DNS MX record points to
> nomealaska.org and this is working. Our new website will be
> www.nomealaska.org <http://www.nomealaska.org/> - and my A record
will point to that new ip address.
>
> I've created an A record of webmail.nomealaska.org pointing to our
email
> server's ip address. Can I have webmail users access their mail by
going
> to https://webmail.nomealaska.org <https://webmail.nomealaska.org/>
instead of having our new hosting
> company create a redirect on the new website from
> www.nomealaska.org <http://www.nomealaska.org/>/webmail ?
>
Yes - we do that in a number of cases.
Companies that want to host their own website, or have some specific
MS requirement keep their website elsewhere. We host their e-mail and
they use webmail using the name "mail.domain.tld/webmail".
The only think you must be sure to configure - make sure the BX server
site uses a different name than "www" in the site configuration. If
you leave it "www", each time a person hits the name webmail - the DNS
will correctly point them to your box. But the BX will automatically
redirect to www - and they'll be directed to the off-site box. Its a
vicious loop that is frustrating and keeps them from using webmail.
So make sure the site is configured with the name "mail" or "webmail"
in the site set up configuration (we use mail). Then the DNS simply
points that name (mail or webmail) to your BX site IP.
> I see in /etc/httpd/conf.d/squirrelmail.conf there is an Alias field
> that now has "/webmail /usr/share/squirrelmail". Can that be
changed to
> "webmail/ /usr/share/squirrelmail" assuming the server remains named
> nomealaska.org with an alias of webmail.nomealaska.org? Or is this
> possible and if so, how to do it?
>
> Do I need to install a new SSL certificate for
> https://webmail.nomealaska.org <https://webmail.nomealaska.org/>
even though it would be an alias of
> existing nomealaska.org?
>
I'm not a expert on certificates - but I believe that a certificate is
uniquely tied to a name, not simply the domain.
So if the site's name changes from www.domain.tld to
webmail.domain.tld - you will need a new certificate. If you leave
the old certificate on the box when you change the site name - I think
your users will get those "name doesn't match the certificate"
security warnings.
Good luck and let us know which way you go!
Chuck
Thanks Chuck!
I think I have it working now at https://webmail.nomealaska.org/webmail
. Haven't migrated the website yet so still have ample opportunity to
break things but should be fairly straightforward to change the www from
the name of the server as you and Jon suggested.
The cert: I may just get a wildcard cert to reduce my cert confusion.
The above link does work but Firefox did give me the dialog about
security risks and I had to add the cert and exception to get to the
squirrelmail login.
Regardless of type of cert, I suppose I should delete the current one as
it is in my /home/.sites/X/certs directory and I don't see how I can
install a second one there - unless you can create a new directory to
stuff it in there? or rename the certificate? Not sure how all that is
handled. Maybe the GUI does it for you?
cheers, Jim
--
Jim Dory
Engineering
City of Nome
PO Box 281
102 Division St.
Nome, AK 99762
907.443.6604
http://www.nomealaska.org
_______________________________________________
Blueonyx mailing list
[email protected]
http://www.blueonyx.it/mailman/listinfo/blueonyx
