--On Tuesday, January 14, 2014 2:22 PM -0500 "Borresen, John - 0442 - MITLL" <John.Borresen(a)ll.mit.edu&gt; wrote: I prefer to use a wildcard cert. I would note that a technically correct wildcard cert has *.domain in subjectAltname. On the flip side, virtually no CA creates certs that are compliant with the RFC for wildcards. --Quanah -- Quanah Gibson-Mount Architect - Server Zimbra, Inc. -------------------- Zimbra :: the leader in open source messaging and collaboration