Messaging Gateway

Hi,

Our setup:
1 ControlCenter
2 Scanners
Version 8.03-11


I have requested and installed 2 SSL Certificates for the scanner hosts to use TLS (STARTTLS):

scanner1.xx.yy
scanner2.xx.yy

When I go to Administration > Configuration > scanner1.xx.yy > SMTP

Accept TLS encryption is marked and SSL certificate scanner1.xx.yy is marked.

Same setup is made on scanner2.xx.yy


Later on i added some IP hosts to the "Outbound Mail Acceptance" on scanner1.xx.yy and then i marked the "Apply above settings to all hosts" because I wanted the exact same IP's to the scanner2.xx.yy.

After i pressed the Save button and started to verify that everything went okey I noticed that scanner2.xx.yy had changed the SSL certificate to scanner1.xx.yy?


Is this by design or a bug? It feels like the certificate setting should be moved to another place so it wont change that setting every time i add an IP for the outbound MTA.

Maybe im doing this wrong? Best practice should be to use 2 separate certificates with matching FQDN. Right?

BR

Themac
 

Actually, this is by design; when you click "Apply above settings to all hosts" check box, you intend to apply the settings for this host to all the other hosts.

You are right about the certificates, each scanner should have a separate certificate.  Unfortunately, due to current design, if you choose to click "Apply above settings to all hosts" when separate certificates are enabled for different hosts, all hosts would get the same settings including the certificate setting from the host that you are currently editing.

As you pointed out, this configuration page needs some enhancement.

Regards,

Adnan

Thanks for the info.

Do you know if this is known by the developers and if it will be solved for the next release of Brightmail?