Mailenable SSL verification with Outlook 365

Discussion forum for Enterprise Edition.
Post Reply
netmo
Posts: 31
Joined: Mon Jun 20, 2011 7:46 pm

Mailenable SSL verification with Outlook 365

Post by netmo » Sat Feb 16, 2019 6:20 pm

Hi,

We've run in to an issue this past month with Outlook 365. Outlook 365 does not allow for non secure connection. We have a multitenant mailenable server that we use a wildcard SSL certificate for our main domain mail.xxxxxxx.com. All the tenants using this certificate keep getting a message mail server identity cannot be verified. There is no way of bypassing this message as the certificate does not match with our default mail domain and tenant domain. Is there anyway we can fix this through DNS or mailenable? We don't have the funds to buy a certificate for every domain.

Also, how does Microsoft or Google handle this multitenant evironment? Can we setup Mailenable with DNS entries to support this with the same approach as Microsoft?

Your help with this matter is appreciated.

Netmo

kiamori
Posts: 223
Joined: Wed Nov 04, 2009 1:39 am
Contact:

Re: Mailenable SSL verification with Outlook 365

Post by kiamori » Tue Feb 19, 2019 2:35 am

Under localhost properties you need to check enable postoffice bindings, then configure your IP/postoffice/hostname/SSL cert bindings. then check the "bind outgoing messages where possible".

This should solve your issue.

netmo
Posts: 31
Joined: Mon Jun 20, 2011 7:46 pm

Re: Mailenable SSL verification with Outlook 365

Post by netmo » Tue Feb 19, 2019 12:57 pm

Thank for reply.

The bindings had been set. The issue we're having is mail.xxxxxx.com is the host domain for the SSL and when mail.zzzzzz.com domain tries to connect Outlook 365 prompts a certificate error. Since the SSL cert is xxxx.com and zzzzz.com email address is trying to connect.

kiamori
Posts: 223
Joined: Wed Nov 04, 2009 1:39 am
Contact:

Re: Mailenable SSL verification with Outlook 365

Post by kiamori » Thu Feb 21, 2019 10:02 am

OK from MailEnableAdmin server side console, go to servers[expand] > localhost[rightclick] choose properties > General Tab. Now under Enable postoffice bindings choose properties.

From here you will need to create bindings for the mail.zzzzzz.com domain on its own IP address.

You will likely already have one IP configured with hostname xxxx.com, on the second IP address choose host name: mail.zzzzzz.com and then select the cert.

I do not think you can bind multiple Host Names on the same IP with Mailenable unless you get creative with port forwarding and some creative firewall rules which is going to be a bit more advanced, perhaps Ian can chime in to confirm.

Post Reply