Cisco Support Community
Showing results for 
Search instead for 
Did you mean: 
New Member

Multiple SSL Domains

Can the Ironport C360 use more than one SSL certificate or can it use a multiple domain SSL certificate?

Everyone's tags (2)
Cisco Employee

Re: Multiple SSL Domains

AsyncOS 7.1 provides a number of enhancements to the TLS features on the Email Security appliance. One of them is:-

TLS per Listener

- You can assign a unique certificate per listener on the appliance for TLS connections. You can also assign a certificate to the HTTPS services on an IP interface, the LDAP interface, and all outgoing TLS connections.

New Member

Re: Multiple SSL Domains

Thanks for that.

We have 12 domains for which we send and recieve emails.

Does this mean I need 12 listeners to install 12 SSL certificates onto?

I like to keep things simple so we only have 2 listeners, one for incoming mail and one for outgoing mail. Can I not install one multi domain SSL certificate onto each listener?

Re: Multiple SSL Domains

Presumably they all resolve to 1 MX record?

If so you should only need one cert, the one for that 1 MX record.

New Member

Re: Multiple SSL Domains

We have 12 MX records, one for each domain (otherwise we wouldn't receive email for


I have looked into this further and realised that the TLS connection is from the remote MTA to the Ironport (or vice versa), not the actual domain name, so we only need one SSL certificate for the Ironport hostname.

I have checked in the message tracking an we are sending and receiving over TLS for all domains.

Thanks anyway.

CreatePlease to create content