How does one add SSL for my webmail provided by servermx.com. Namesilo is my registrar. I use the account/website only for email and nothing else --so I only updated the DNS MX etc records in namesilo to point to servermx.
I seriously doubt that's the case. Do they support what you're doing? That is, masquerading as webmail.yourdomain.com? Or is it a workaround you've come up with? Because if they do, they should have a way of dealing with the certs and related configuration.
I just looked at their docs, and frankly their documented process is startlingly idiotic. They say to do exactly what you’ve done, but then note at the bottom of the page that “Web client with your domain name doesn’t match the SSL certificate.” So they’re telling you to do something that will generate certificate errors, knowing it will generate certificate errors.
You can still use https, but you’ll have to bypass the cert errors.
The best way is to simply avoid the issue entirely by going to roundcube.servermx.com (or squirrel., or whatever)–that way the server you’re requesting is the server that’s actually responding and that actually has the cert, and there’s no error at all. But if you insist on following their ill-conceived instructions (and it’s worth reiterating that their instructions are startlingly ill-conceived–they’re telling you to do something that directly violates the purpose of having server certificates), you’ll need to consult your web browser’s documentation on how to do this. With Firefox, it’d typically be clicking an Advanced link, then Add exception. Can’t help you with other browsers, though.
I did add exception to FF to https://webmail.mydomain.com (I only use FF) but it shows a lock with yellow caution sign stating “connection is not secure” --and it was bothering me --so I thought of adding a Lets Encrypt cert --but if this is not possible --I will have to access their email server directly without going via my siteaddress.
I used your tool (I didnt know it was yours) days ago and the html-content shows all green.
But FF always shows the gray lock with yellow caution sign --irrespective if only text or text with image is displayed --I guess there is always some image on the page (mail icons etc)
So if the FF lock is gray with caution --the traffic is still secure with the https (so I can ignore the “connection is not secure” warning?) Sorry for such simple/trivial questions.
I think they (servermx) did something after I reached out to them --in the very beginning …I could not access at all https://webmail.mydomain.com but at least I can now with “caution lock” symbol.
No, it isn't; it's a certificate mismatch. For reasons known only to them, servermx.com thinks it's a great idea to tell their customers to set CNAME records as @kban describes above, which is guaranteed to give cert errors (I don't think it can be repeated too frequently, or too strongly, what a bad idea this is). Even if you add an exception, you're going to see warnings.
If it is wrong configured (CNAME to another domain, but that other domain doesn't have a correct certificate) and if this is the idea of the provider, then you should go away to another provider.