Pluggable SNI?

Felipe Gasper felipe at felipegasper.com
Tue Jun 21 19:58:01 UTC 2016


Hello,

	How feasible would it be to have a “pluggable” Dovecot setup that would permit arbitrary logic for fetching TLS/SNI certificates and key, rather than having to hard-code each domain’s resources in a configuration file?

	A couple scenarios that I envision such a framework being able to accommodate:

1) An internal TLS service that accepts queries via a UNIX socket by domain name and returns certificate/key.

2) A directory where these resources are stored, indexed by domain name.

	Thank you!

-FG


More information about the dovecot mailing list