IMPORTANT: This guide only applies to non SNI enabled configurations. The certificate path needs to be adjusted if SNI is enabled. Something like ssl_certificate,key /etc/ssl/mail/webmail.example.org/cert.pem,key.pem;
will do. But: The certificate should be acquired first and only after the certificate exists a site config should be created. Nginx will fail to start if it cannot find the certificate and key.
To create a subdomain webmail.example.org
and redirect it to SOGo, you need to create a new Nginx site. Take care of "CHANGE_TO_MAILCOW_HOSTNAME"!
nano data/conf/nginx/webmail.conf
server {
ssl_certificate /etc/ssl/mail/cert.pem;
ssl_certificate_key /etc/ssl/mail/key.pem;
index index.php index.html;
client_max_body_size 0;
root /web;
include /etc/nginx/conf.d/listen_plain.active;
include /etc/nginx/conf.d/listen_ssl.active;
server_name webmail.example.org;
server_tokens off;
location ^~ /.well-known/acme-challenge/ {
allow all;
default_type "text/plain";
}
location / {
return 301 https://CHANGE_TO_MAILCOW_HOSTNAME/SOGo;
}
}
Save and restart Nginx:
docker compose restart nginx-mailcow
docker-compose restart nginx-mailcow
Now open mailcow.conf
and find ADDITIONAL_SAN
.
Add webmail.example.org
to this array, don't use quotes!
ADDITIONAL_SAN=webmail.example.org
Run the command to apply the changes:
docker compose up -d
docker-compose up -d
See "acme-mailcow" and "nginx-mailcow" logs if anything fails.