[Dovecot] virtual domains and SSL certificates
Eduardo M KALINOWSKI
eduardo at kalinowski.com.br
Thu Aug 7 19:06:28 EEST 2008
Kacper Wysocki escreveu:
> Hi all,
>
> I have dovecot 1.1.0 setup to access vpopmail accounts for several
> virtual domains.
> Dovecot IMAP is accessed through several virtual domains as well, ie
> mail.foo.com an d mail.bar.com
> The problem is that the configuration file specifies only one
> certificate file for dovecot, which means only one Common Name, which
> means one cannot provide one server cert that will match mail.foo.com
> AND mail.bar.com, and either mary at foo.com or bob at bar.com will get a
> "Security Error: Domain Name Mismatch" in their mail client when
> connecting through IMAPS.
>
> How can I avoid this domain name mismatch error?
>
a) Use a single host name for all domains.
b) If you really want different hostnames for all domains, you'll need
one IP address for each domain. Dovecot can at this moment listen on
several addresses, but it only uses one SSL certificate for all of them,
which means you would need several dovecot instantes running.
Which leads us to the request: could it be that in a future version one
could select a different certificate for each IP that Dovecot listens to?
More information about the dovecot
mailing list