I want to cert all domain added in mailcow but additional san wildcard only support subdomains.

    Have something to say?

    Join the community by quickly registering to participate in this discussion. We'd like to see you joining our great moo-community!

    leeone7200 OK, afaik you can add example.com to ADDITIONAL_SAN as well. The problem is that you can’t use wildcards obviously, you have to add every domain manually.

    Why do you need that in the first place?

    well, if the apex of the domain points or can be pointed to the same IP used by Mailcow you can still add them to the ADDITIONAL_SAN. And that is the only case I can think of having the root domain in the SAN.
    Not sure what you’re trying to achieve.

    You need to add them to ADDITIONAL_SERVER_NAMES as well then

      DocFraggle yes, clearly.

      Or, if you want to use an external certificate you can follow steps here:
      docs.mailcow.email Icon Advanced SSL - mailcow: dockerized documentation

      Then, you can use an external tool (certbot, LeGo, etc.) to process the cert request using a DNS validation method (depending on your DNS provider) to issue the certificates and/or a wildcard.

      In general I’d suggest to only have the hostnames used on the email server and not to use a wildcard unless necessary (although easier to use, sometimes).

      No one is typing