Yes, you can use a wildcard cert, but you will need both the cert and the private key, and they will need to be in the proper format, in order to import them into the Messaging Gateway.
More information is available in the following article:
Install Certificate Authority signed certificates without a generated Certificate Signing Request------------------------------
---------------------------------------------
Strategic Support Engineer
* Integrated Cyber Defense Exchange
* Messaging
Symantec Enterprise Division
Broadcom Inc.
------------------------------
Original Message:
Sent: 08-05-2020 07:57 AM
From: Kalpesh Chudasama
Subject: Cannot receive some emails with STARTTLS error
Hello,
Can you please guide whether can we use Wildcard certificate to enable inbound TLS in SMG ?
Thanks and regards,
K
Original Message:
Sent: 07-27-2020 11:47 AM
From: Steven R
Subject: Cannot receive some emails with STARTTLS error
To enable inbound TLS, you will need to have a certificate that is signed by a reputable certificate authority (not self-signed).
You want to enable "Accept TLS encryption" and select the certificate but do not need to enable "Request client certificate" (this is an optional feature that most environments do not use).
This process should not affect others sending email or have any affect on outbound email.
No changes to the mail servers would be required.
------------------------------
Strategic Support Engineer
Broadcom
Original Message:
Sent: 07-26-2020 03:30 AM
From: Kalpesh Chudasama
Subject: Cannot receive some emails with STARTTLS error
Hello,
We are using latest version of SMG (10.7.3-5). Recently we noticed that we are not able to receive emails from one of the vendor due to use of TLS in mail transactions by them. We noticed that we have not enabled TLS encryption in our SMG and believe that we need to enable it in the HOST Configuration > SMTP > Inbound > Encryption settings. We would like guidance on it as follows,
+ There are 2 options to tick but both are disabled. 1) Accept TLS encryption and 2) Request client certificate. Is it that we need to create a TLS certificate (self-signed in our case) in order to get those options enabled ?
+ Creating TLS certificate and enabling to accept TLS encryption for inbound message in SMG will have any effect to others in receiving emails ?
+ Enabling accept TLS encryption for inbound message in SMG will have any effect for outbound messages by any chance ?
+ Enabling accept TLS encryption for inbound message in SMG is all that is required or do we also need to make changes in our Email servers ?
Please guide.
Thanks in advance.
K