Now that Webmail is up and running, are there any plans to add encryption?
No, there aren’t any plans to add SSL on free webmail, just because the IPs doesn’t work with all the certificate providers and you need to use the self-signed one.
2 posts were split to a new topic: I have an active SSL on cloudflare but my site couldn’t open on https
The IP’s don’t work with certificate providers? Like whom? Sectigo, Let’s Encrypt?
This is a restriction with all certificate providers. I don’t know any providers who provide certificates for IP addresses.
The problem is that the webmail is currently accessed on the URL http://22.214.171.124/roundcubemail/. This is a subdirectory on an IP address, not a domain name. SSL certificates can only be requested for domain names, not IP addresses. Therefore, it’s not possible to install SSL on the webmail without migrating it to a domain first.
The IP is public right? I know of two providers. GlobalSign and DigiCert. Why are you using an IP anyways? Optimization reasons or something else?
iFastNet is using a public IP for their webmail because of impossibility to install a SSL certificate and to use their self-signed certificate for their webmail. When they migrate the Webmail to a domain, they will install Let’s Encrypt as well, but I’m not sure.
I have no idea why iFastNet didn’t put the webmail on a domain name. I don’t like the setup either, but it’s not my call to make.
Public IP’s can have SSL. There are CA’s that provide them. Only private IP’s are against the rules. They are not cheap but for a growing business, it shouldn’t be a problem financially.
The only reasons I can think of are to lower DNS request and cookies, but from what I’ve studied, it seems to offer little improvements and more hassle.