Note: Modifying server config files via SSH console is a complicated process and may break your site if not done perfectly. If you are not an SSH expert, We highly recommend upgrading to PRO version and let our premium support handle / help with this server setup.

So you recently installed an SSL certificate for your domain and started getting “invalid SSL certificate” error popup on your email clients for custom business emails of your domain(Ex: admin@gowebsmarty.com) setup with POP/IMAP?, then you have reached the correct guide to get rid of the invalid certificate error in your email client & also secure the webmail.

While you can setup POP3/IMAP via non-secure ports too on your email clients which don’t throw certificate error, but setting up POP3/IMAP via secure ports is always the best practice in terms of security between email transmission. This guide only applies to business email IDs setup with your domain name (Ex: admin@gowebsmarty.com) and not related to Gmail or any other email service which comes with their own SSL certificate.

Before diving in, please note that if you have installed Wildcard SSL for your domain – then Wildcard SSL itself covers all subdomains including the webmail & mail, so you don’t need to go through this at all. This would be helpful only if you have installed Single domain SSL certificate for your www & non-www domain which started throwing SSL cert invalid error for webmail & email.

Webmail refers to your browser based webmail access URL like webmail.wpencryption.com which allows you to access email inbox directly on your web browser. On most of the shared hosting platforms, the incoming & outgoing mail server address we setup in email clients is gonna be something like mail.wpencryption.com. So we will be focusing on securing this webmail & mail sub-domains in this guide.

REQUIREMENTS:

WP Encryption WordPress plugin – version 5.4.8 & above

How to secure webmail & email with an SSL certificate?

First of all, please login to your wp-admin and install/activate WP Encryption free SSL plugin via PLUGINS > ADD NEW. Make sure the installed version is 5.4.8 or above. We will now generate free SSL certificate for your domain which covers webmail & email urls along with your www & non-www domain:

  1. Go to WP Encryption page in your wp-admin.
  2. Page url looks something like this – https://yourdomain.com/wp-admin/admin.php?page=wp_encryption
  3. Modify/Change the url to append &includewww=1&includeemail=1 so it becomes https://yourdomain.com/wp-admin/admin.php?page=wp_encryption&includewww=1&includeemail=1 and press enter.
  4. You will now notice the SSL install form with some additional checkboxes as shown in below screenshot

5. You can choose to secure both www & non-www domains, secure webmail & secure email server accordingly. Then enter your email and click on Generate SSL Certificate button.

This will generate free Let’s Encrypt SSL Certificate covering all your requested endpoints but DNS based domain verification becomes mandatory on STEP 2 as HTTP verification is not possible. Once after generating the new SSL certificate, download the certificate.crt, private.pem and CA Bundle.crt files via easy to use interface of WP Encryption and install it on your cPanel / hosting panel.

That’s it!.. Now your www, non-www domain as well as webmail & email server should be secured avoiding the invalid certificate error.

Archive

Categories

Tags

AWS Bluehost browser chrome compatibility Digital Ocean ERR_TOO_MANY_REDIRECTS Hostgator HTTPS Linux Mapped Domains Multisite SSL webadmin WHM