Dual certificate
list at airstreamcomm.net
list at airstreamcomm.net
Wed Mar 2 15:01:44 UTC 2016
Google multi domain certificates. Comodo sells a multi domain wild card certificate that we use to host multiple SSL domains on dovecot and postfix successfully. You install the single certificate and reissue and reinstall after adding a new domain.
> On Mar 2, 2016, at 2:02 AM, Jean-Baptiste Vignaud <flint42 at gmail.com> wrote:
>
> Hello all;
>
>
> Is anyone knows if it's possible to have a dual certificate setup on
> dovecot like in postfix or apache ?
>
> i tried to add several crts in local name section :
>
> local_name imap.server.tdl {
> ssl_cert = <server_rsa_crt.pem
> ssl_key = <server_rsa_key.pem
> ssl_cert = <server_ecdsa_crt.pem
> ssl_key = <server_ecdsa_key.pem
> }
>
> but it seems that dovecot takes the last one (ecdsa) and that rsa cert is
> not used.
>
>
> to check if booth are working, i check with openssl:
>
> openssl s_client openssl s_client -connect imap.server.tdl:143 -starttls
> imap -servername imap.server.tdl -cipher ECDHE-RSA-AES128-GCM-SHA256 for
> rsa
>
> and
>
> openssl s_client openssl s_client -connect imap.server.tdl:143 -starttls
> imap -servername imap.server.tdl -cipher ECDHE-ECDSA-AES128-GCM-SHA256 for
> ecdsa
>
> In apache we have to duplicate the cert / key lines one for rsa, one for
> edcda.
>
> In postfix, we have some specific ecdsa conf keys.
>
> So is there a way to do the same in dovecot ?
>
More information about the dovecot
mailing list