Yes you need ssl certificates, unsigned ssl is no longer
considered acceptable as it leaves giant gaping security issues.
You don't strictly need one for every domain if your users are
happy to connect to a primary domain instead of their own domain.
But normally one would setup a certificates for each domain.
So first set g_ssl_per_domain "true" (or not)
Then In the web admin too open the ssl config page to create a
'csr' for each domain, then use your favorite ssl registration
service to get a signed certificate for each domain, and install
them by placing the surge_cert.pem files in the appropriate
surgemail/ssl/domain.name folders, also you will need to add the
intermediate certificates to the surge_cert.pem file..
See more details here:
To make it easier I recommend
1) update to the latest surgemail from our website (we fixed some
things in the ssl admin pages recently so this will save you time)
2) you may wish to use letsencrypt instead of standard
certificates, letsencrypt is free. (this also requires the latest
On 3/05/2017 2:12 p.m., Tom Cross
Some customers are having problems when connecting through
Chrome and Firefox.
Saying connection is saying "Connection Not Secure"
A couple of other customers as well as that have their Anti
Virus (Avast and Vipre)
Refusing connection to the site.
We have IP Based Domains on the mail server.
Do we have to and how do we setup certificates for each
m: 0418 295 336
I'd really appreciate it if you could take a moment to
like us on FaceBook
, thanks heaps! ChrisP.