Signing a certificate

Aarem

New Member
Hi all,

I don't have any special certificate for my VPS, nor do I need one at this stage. However, whenever I check my emails through the email client, I always first get a message that the program "Can't verify the identity of mail.mydomain.com. Certificate was signed by an unknown authority..."

Is there any thing I can do to stop this, short of paying for a certficate? Can I reset the default certificate or anything like that? I'm totally new to all this. I note that under "Manage Service Certificates" there is a reset option. Should I click this (is it safe?) and how long would it last for?

If I did by a certificate, would it mean that the host domain would always read https? I don't really want that.

Thanks for any tips.
 
Hello Aarem,

The reason you're getting that notice is because the certificate is a self-signed one. You will continue getting that notice regardless of whether you reset it or not.

There are two ways to get rid of that notice. Pay for a certificate for the VPS host name (server.domain.com) or do not use a SSL/TLS connection.

And no if you get a certificate it does not mean all your addresses change to secure ones.

Hope that helps!
 
Thanks very much for your advice, Dan. A few questions of clarification, if I may:

1) Of the two options you mention, is one better than another? I'm not sure how NOT to use a SSL/TLS connection. Can it be turned off in WHM somehow, and is it safe to do so?

2) Regarding paying for a certificate for the host name, that sounds good, but I'm not clear on how it works. If there is a certificate for host.mydomain.com, I gather that mydomain.com will still appear as http://mydomain.com. That's good. But is host.mydomain.com different from server.mydomain.com? Do you actually mean the word 'server', or is that an example. I've not seen a reference to server.mydomain.com before.

Any clarification of how I would preceed with that SSL option would be much appreciated. Extreme noob here!
 
Hello again Aarem,

1) Of the two options I would say either keep checking the box (if you want a secure connection) turn of the SSL/TLS connection. You do this in your email client, not in WHM.

2) Sorry yes I mean your host name. If you're only hosting one domain and/or you're only concerned with the one domain then you could purchase it for that particular domain. Personally spending that kind of money just for email is not something I would do.
 
Thanks very much for clarifying all this, Dan. Personally I don't mind just clicking the 'accept' button when I open my email account, but I have a few client sites on my VPS, and it is worrying them a bit. Now my options are clear, so thanks again!
 
I found that if using the Mail.app (mail program on Mac OSX), clicking "show certificate" and then checking the "always trust" box takes care of it for good, so you won't see the message anymore.
 
Top