[Dovecot] Multiple SSL certs question
Timo Sirainen
tss at iki.fi
Wed Oct 28 00:48:47 EET 2009
On Sat, 2009-10-24 at 13:35 +0200, Jean-Baptiste Vignaud wrote:
> Hello;
>
> I was reading the message "how to config dovecot for multiple domains,
> multiple SSL certs,
This works in v2.0, assuming you have separate IP for each.
> and conditional IP access -- with passwd-file passdb?",
http://wiki.dovecot.org/PasswordDatabase/ExtraFields/AllowNets can be
added to passwd-file extra fields.
> and i was wondering if Dovecot could support the SNI
> extention of TLS ?
Oh, I didn't know this was already in OpenSSL. I'll see about adding
support for it to v2.0. I'm not entirely sure how to make it
configurable though. Perhaps instead of having:
local_ip 1.2.3.4 {
ssl_cert = </etc/ssl/certs/1.2.3.4
}
remote_ip 4.3.2.1 {
}
I could replace those with:
local host.domain.org {
ssl_cert = </etc/ssl/certs/1.2.3.4
}
remote host2.domain2.org {
}
and of course keep the IPs also working.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 197 bytes
Desc: This is a digitally signed message part
Url : http://dovecot.org/pipermail/dovecot/attachments/20091027/d1a9af80/attachment.bin
More information about the dovecot
mailing list