I want to cert all domain added in mailcow but additional san wildcard only support subdomains.
Englishcertificate domain
leeone7200 but additional san wildcard only support subdomains
That’s not true, please read the docs!
A wildcard name like smtp.* will try to obtain a smtp.DOMAIN_NAME SAN for each domain added to mailcow.
Advanced SSL - mailcow: dockerized documentation docs.mailcow.email
Have something to say?
Join the community by quickly registering to participate in this discussion. We'd like to see you joining our great moo-community!
DocFraggle I wanted to cert example.com not smtp.exmaple.com or mail.example.com.
- Edited
leeone7200 OK, afaik you can add example.com to ADDITIONAL_SAN as well. The problem is that you can’t use wildcards obviously, you have to add every domain manually.
Why do you need that in the first place?
- Edited
well, if the apex of the domain points or can be pointed to the same IP used by Mailcow you can still add them to the ADDITIONAL_SAN. And that is the only case I can think of having the root domain in the SAN.
Not sure what you’re trying to achieve.
You need to add them to ADDITIONAL_SERVER_NAMES as well then
- Edited
DocFraggle yes, clearly.
Or, if you want to use an external certificate you can follow steps here:
Advanced SSL - mailcow: dockerized documentation docs.mailcow.email
Then, you can use an external tool (certbot, LeGo, etc.) to process the cert request using a DNS validation method (depending on your DNS provider) to issue the certificates and/or a wildcard.
In general I’d suggest to only have the hostnames used on the email server and not to use a wildcard unless necessary (although easier to use, sometimes).
No one is typing