Multidomain ssl config ?

Paul Kudla (SCOM.CA Internet Services Inc.) paul at scom.ca
Wed Jun 29 21:25:18 UTC 2022 

John please send me a direct email address


I understand what you need and my customers are all seperate certs per domain on both sides


I spent over three months setting stuff up


I wil send complete instructions for both postfix & dovecot


Plus auto scripts etc


You will need to be running a postgresql database for my stuff to work without mods


And running python 2.xx

    
      
 thanks - paul 
   Paul Kudla      SCOM.CA Internet Services Inc.    004-1009 Byron Street South   Whitby, Ontario - Canada   L1N 4S3    Toronto   416.642.7266   Main   1.866.411.7266   Fax   1.888.892.7266   

On Jun 29, 2022 at 16:39:29 EDT, John Stoffel <dovecot-bounces at dovecot.org> wrote:

>>>>> "Maurizio" == Maurizio Caloro <mauric at gmx.ch> writes:

Maurizio> on postfix now this seems to run, and with dovecot i need
Maurizio> also handle this two domains, but appairing this error
Maurizio> messages. like:

Why aren't you just using a single domain as the MX record for all the
domains? Then you only need one SSL cert pair for all of this, and if
you publish the right SPF records, each domain can send from the same
MX host as well.




Maurizio> Jun 29 20:49:28 Dovecot/imap-login: Info: Disconnected (no auth attempts in 0 secs): user=<>,
Maurizio> rip=a.b.c.d, lip=37.120.190.188, TLS handshaking: SSL_accept() failed: error:14094416:SSL routines:
Maurizio> ssl3_read_bytes:sslv3 alert certificate unknown: SSL alert number 46, session=<FdklDjkdfrkfi>

Maurizio> Running with Debian Buster

Maurizio> # dovecot --version
Maurizio> 2.3.4.1 (f79e8e7e4)

Maurizio> # nmail.caloro.ch
Maurizio> local_name nmail.caloro.ch {
Maurizio>  ssl_cert = </etc/letsencrypt/live/nmail.caloro.ch/privkey.pem
Maurizio>  ssl_key = </etc/letsencrypt/live/nmail.caloro.ch/fullchain.pem
Maurizio>  }
Maurizio> # nmail.calm-ness.ch
Maurizio> local_name nmail.calm-ness.ch {
Maurizio>  ssl_cert = </etc/letsencrypt/live/nmail.calm-ness.ch/privkey.pem
Maurizio>  ssl_key = </etc/letsencrypt/live/nmail.calm-ness.ch/fullchain.pem
Maurizio>  }

Maurizio> thanks for possible help




-- 
This message has been scanned for viruses and
dangerous content by MailScanner, and is
believed to be clean.

 
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://dovecot.org/pipermail/dovecot/attachments/20220629/77039547/attachment-0001.htm>

More information about the dovecot mailing list