Web-based email on rez.nuxx.net…
Just FYI, I’ve made some changes to the web-based email (Squirrelmail) on nuxx.net. In the past, it was possible for a user to go to http://mail.domain.ext or https://mail.domain.ext to access Squirrelmail. If a user was using https, they would receive an error about a mismatched cert.
Well, today I signed up with CAcert.org and got a wildcard cert for *.nuxx.net. I’ve used this on both admin.nuxx.net and mail.nuxx.net and set it up so that all http requests forward to the https server. Because of a non-standard root CA a user will still receive an error, unless they agree to trust CAcert as a new root CA. The needed certificates for doing this can be found here. Please note that all requests to http://mail.domain.ext will now forward you to https://mail.nuxx.net so that the cert will work properly.
Additionally, I’ll be using this cert for imap-ssl and pop3-ssl so if you add this cert in a way which your mail program requires and then check your mail at mail.nuxx.net (this works for any domain I host…) using some encrypted method, all your email will be encrypted without your needing to agree to use an odd cert.
Yay!