Box continues to serve custom domain with TLS/SSL

Hi everyone,

I have a few domains on my mailinabox, some going to custom domains and other using the aliases feature to route just email.
With the new Lets Encrypt feature I provisions a list of four alias, one which later was routed to a custom domain.
Now in the past I have been able to successfully add a custom domain on the box to point to an external IP by A record to point to the IP for the and another record using CNAME for

I have now done so again for an additional custom domain, only difference on this occasion I had provision that TLS record on the box prior to pointing to my custom domain using Lets Encrypt.

Having waited now for DNS to propogate, i can browse to my new A recordcorrectly as which goes to my external IP whereas thinks its seeing the mailinabox IP and throws security errors in the browser

Your connection is not secure
The owner of [] has configured their website improperly. To protect your information from being stolen, Firefox has not connected to this website.
This site uses HTTP Strict Transport Security (HSTS) to specify that Firefox only connect to it securely. As a result, it is not possible to add an exception for this certificate.

In the advance shows uses an invalid security certificate. The certificate is only valid for the following names:

Has anyone come across this issue?
How do i remove this TLS/SSL certificate within my mailinabox as i think its being confused by my original provision.

Any guidance would be appreciated. Thanks


Learn more…

Clear your browser cache. It has nothing to do with your Mail-in-a-Box at this point.

Thanks Josh,

That solved half of it, I also needed to add another A record to route to instead of using the cname record.


Custom DNS page should do the trick, setting the custom DNS name for and will tell MIAB to stop serving the domain via http.

Hi Murgero,

In my custom DNS page I originally had it configured as CNAME A XX.XX.XX.XX

This was how one of my other existing domains has been setup to serve an external dns. In fact when i used dig against that other domain and the associated www, it would resolve to the IP correctly. I guess what I was curious about in this instance was why it wasnt working on this new domain for just the domain and not the www. The only difference was, i thought, in this new domain was that i had provisioned a TLS/SSL on the box prior to using custom dns and perhaps there may have been a bug. In any case, including Josh’s suggestion of clearing cache and then furthermore this configuration, created the behavior i expected. A XX.XX.XX.XX A XX.XX.XX.XX

Perhaps someone with a better understanding of DNS can explain what the correct configs ought to be, because to me, using a cname record should have been ok.



CNAMES only work on subdomains. Why it worked elsewhere would be a question for your other provider.