- General Aspects
- Quick Links
- Global Settings
- Axigen Services
- Starting, Stopping, Restarting Services
- Managing Service Listeners
- Managing Service Control Rules
- Configuring the SMTP Receiving Service
- Configuring the SMTP Sending Service
- Configuring the IMAP Service
- Configuring the POP3 Service
- Configuring the WebMail Service
- Configuring the WebAdmin Service
- Configuring the DNR Service
- Configuring the Remote POP Service
- Configuring the CLI Service
- Configuring Mobility & Sync Options
- Domains & Accounts
- Managing Domains
- General Domain Settings
- Setting Up Domain Aliases
- Managing the Domain Message Filters
- Setting Up a Message Appender
- Configuring Account Defaults
- Configuring the Storage
- Managing Accounts
- General Account Settings
- Editing the Account Contact Information
- Managing Account Aliases
- Configuring Account Quotas & Restrictions
- Defining the Account WebMail Options
- Managing the Account Message Filters
- Defining Send / Receive Restrictions for an Account
- Managing Groups
- Managing Mailing Lists
- Managing Public Folders
- Setting Up Account Classes
- Managing Domains
- Security & Filtering
- Managing SSL Certificates
- AntiVirus & AntiSpam
- Additional AntiSpam Methods
- Configuring Global Access Control
- Managing Acceptance & Routing
- Setting Up Incoming Message Rules
- Viewing the Quarantine
- Status & Monitoring
- Axigen Logging
- Back-up & Restore
- Automatic Migration
- Clustering Setup
- Configuring the POP3 Proxy Service
- Configuring the IMAP Proxy Service
- Configuring the WebMail Proxy Service
- Administration Rights
This section is available starting with Axigen X3.
Axigen allows you to view, manage, search, and sort the SSL certificates and Certificate Signing Requests (CSRs) from the certs and letsencrypt folders in your Axigen working directory.
The Axigen working directory path depends on your operating system:
- For Linux:
- For Windows:
C:\Program Files\Axigen Mail Server\
Click any SSL Certificate or CSR in the list to view its details (hierarchy, issuer, subject name, source).
SAN (Subject Alternative Names) certificates will be shown in the list with the subject name and a +x more link, allowing you to see all alternative names.
Hovering a certificate path will reveal a Copy full path button, allowing you to copy its full path to clipboard for further use.
Clicking the View Usage button will show where the respective certificate is used.
Adding new SSL certificates
Click the + Add button to add a new SSL Certificate or CSR.
For new certificates, choose between generating Axigen managed Let's Encrypt certificates (Axigen will automatically manage their renewal), or uploading an SSL Certificate you already have from your preferred issuer.
Alternatively, change the tab to generate a Certificate Signing Request (CSR). You can further send it to your issuer to generate a certificate.
Axigen requires certificates to be exported in pem format — this can be easily done by concatenating the crt, ca, and key files into a single pem file, or just upload the two files you get from your issuer and let the WebAdmin do that for you.
For Let's Encrypt certificates, you can choose to have them generated and automatically managed by Axigen, or have them generated outside of Axigen, in which case you will have to manage their renewal separately.
Renewing SSL certificates
Self signed certificates and Axigen managed Let's Encrypt ones have a Renew option, triggering a renewal operation.
Custom certificates have a Replace option, allowing you manually replace the certificate files with the ones obtained from your issuer.
In addition to the manual renewal option, Axigen managed Let's Encrypt certificates are automatically renewed by Axigen 25 days before renewal.
Viewing, downloading, or deleting SSL certificates
The ... button in the list reveals additional options — view its details, download the certificate files, or delete the certificate completely.
Applying an SSL certificate
Service listeners have an SSL Settings tab, which allow admins to use a certain certificate on a specific listener.
In the example below, we're applying a certificate on the 0.0.0.0:993 listener for the IMAP service.
In addition, the WebMail and WebMail proxy services make use of Virtual Hosts, thus enabling you to use a certificate — along with specific SSL settings, if needed — for each virtual host, via SNI. For more info, see WebMail Listeners, Virtual Hosts & Control Rules.
These Virtual Hosts also apply for ActiveSync, CalDAV, and CardDAV, which are also HTTP based services — provided that the clients support SNI.