Multiple certificate option
Remo Mattei
rm at rm.ht
Sat Sep 7 19:30:45 EEST 2019
Thanks Michael I will check with the free cert lets encrypt to test it.
Remo
> Il giorno 7 set 2019, alle ore 02:09, Michael Hallager via dovecot <dovecot at dovecot.org> ha scritto:
>
> On 2019-09-07 12:25, remo--- via dovecot wrote:
>> What is the best way to adopt multiple certs?
>> Thanks.
>
> /etc/dovecot/conf.d/10-ssl.conf
>
> Primary SSL certificate:
>
> # SSL/TLS support: yes, no, required. <doc/wiki/SSL.txt>
> #ssl = yes
> ssl = required
>
> ("yes" or "required" - I use required)
>
> # Minimum SSL protocol version to use. Potentially recognized values are SSLv3,
> # TLSv1, TLSv1.1, and TLSv1.2, depending on the OpenSSL version used.
> ssl_min_protocol = TLSv1
>
> # PEM encoded X.509 SSL/TLS certificate and private key. They're opened before
> # dropping root privileges, so keep the key file unreadable by anyone but
> # root. Included doc/mkcert.sh can be used to easily generate self-signed
> # certificate, just make sure to update the domains in dovecot-openssl.cnf
> ssl_cert = </etc/ssl/private/mail-domain-tld.crt
> ssl_key = </etc/ssl/private/mail-domain-tld.key
>
> Secondary SSL certificates (I add this at the bottom of the file)
>
> local_name mail.domain2.tld {
>
> ssl_cert = </etc/ssl/private/mail-domain2-tld.crt
> ssl_key = </etc/ssl/private/mail-domain2-tld.key
>
> }
More information about the dovecot
mailing list