Do I have to have an ssl certificate for my mail server?
Question is really simple. If I want to setup a mail server, do i have to have it or is it just a security issue? What kind of problems can it cause?
Do you want to prevent people from sniffing your password? This is especially easy on WiFi. Then use encryption (SSL).
Do you care about having a self-signed certificate (getting a warning about it)? If not, just self sign. But beware there are apps (outlook) that do not allow you to ignore that warning after having seen it once.
The thing with SSL is, that it incorporates encryption and identity checks in the same protocol. You don’t need a certificate for the former, but you do for the latter. If you don’t suspect someone is going to redirect your login attempts to another server, you don’t need the identity check: so self-sign. And even then it is not really a problem. Because in most clients once you’ve accepted your own certificate, it will warn again when it changes.
If you do want a certificate (I like to have them), use Startcom SSL. They allow you to have a simple SSL certificate for free.
Check more discussion of this question.
Related posts:
- Is it okay to use the FREE SSL Certificate offered by: Instant SSL by comodo? or Is StartCom better?
- Moving SSL Certificate from one Apache server to another
- Is the CSR only required for requesting an SSL certificate or also for installing?
- If I re-key a SSL certificate for a 2nd/backup server, does the original still work?
- how to move an SSL certificate from one windows server to another