On Tue, Nov 26, 2019 at 11:22 PM Aki Tuomi via dovecot <dovecot@dovecot.org> wrote:

On 21.11.2019 23.57, Marc Roos via dovecot wrote:
> Is it possible to configure a network for a cert instead of an ip?
>
> Something like this:
>
> local 192.0.2.0 {
>     ssl_cert = </etc/ssl/dovecot/imap-02.example.com.cert.pem
>     ssl_key  = </etc/ssl/dovecot/imap-02.example.com.key.pem
> }
>
> Or
>
> local 192.0.2.0/24 {
>     ssl_cert = </etc/ssl/dovecot/imap-02.example.com.cert.pem
>     ssl_key  = </etc/ssl/dovecot/imap-02.example.com.key.pem
> }
>
> https://wiki.dovecot.org/SSL/DovecotConfiguration
>
>
>

Local part supports that.

Aki


On the same topic (though I can start a new thread if preferable), it doesn't appear that you can use wildcards/patterns in the 'local' name, unless I'm missing something--which is quite likely.

If it's not possible currently, can I suggest adding that as a feature? That is, instead of having to list out all the various SNI hostnames that a cert should be used for (e.g. "local pop3.example.com imap.example.com pops.example.com pop.example.com .... {", and on and on), it'd be handy to be able to just say "local *.example.com {" and call it a day. I imagine there'd be a bit of a slowdown, since you'd have to loop through patterns on each connection (instead of what I assume is a hash lookup), especially for people with significant numbers of 'local' blocks.
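The two lookups this thread is about, modelled in Python as an added example that is not Dovecot's code and not either poster's configuration: a `local` block keyed by an IP or network (the form Aki confirms works), matched with the standard `ipaddress` module, and SNI-keyed blocks with exact hostnames in a dict (the hash lookup the reply assumes) and `*.example.org` patterns in a list that is only scanned on a dict miss. In Dovecot the SNI directive is `local_name`, and only those two directive names are taken from Dovecot; the sample config, the lookup precedence (exact name, then wildcard, then network, then defaults) and the one-label wildcard rule are this example's own assumptions. The checks a practitioner would want are included: the client-supplied SNI is normalized and validated before it becomes a lookup key, and `*.example.org` matches exactly one left-most label, so it matches neither `example.org` itself nor `a.b.example.org`.

```python
# Added example (not Dovecot code): parse a small subset of Dovecot's config
# syntax and pick a certificate per connection by network or by SNI name.
import ipaddress
import re
from typing import Optional

SAMPLE_CONFIG = """
# Constructed sample config with placeholder paths; ssl_key lines omitted for brevity.
ssl_cert = </etc/ssl/dovecot/default.cert.pem
local 192.0.2.0/24 {
    ssl_cert = </etc/ssl/dovecot/imap-02.example.com.cert.pem
}
local_name imap.example.com pop3.example.com {
    ssl_cert = </etc/ssl/dovecot/mail.example.com.cert.pem
}
local_name *.example.org {
    ssl_cert = </etc/ssl/dovecot/wildcard.example.org.cert.pem
}
"""

_BLOCK_RE = re.compile(r"^(local|local_name)\s+(.+?)\s*\{$")
_SETTING_RE = re.compile(r"^(\w+)\s*=\s*(.*)$")
_HOSTNAME_RE = re.compile(r"^[a-z0-9](?:[a-z0-9.-]*[a-z0-9])?$")


def normalize_name(name: str) -> Optional[str]:
    """Lower-case, drop a trailing dot; None unless it looks like a DNS name.
    Client-supplied SNI goes through this before it becomes a lookup key."""
    name = name.strip().lower().rstrip(".")
    return name if _HOSTNAME_RE.match(name) else None


def wildcard_match(suffix: str, name: str) -> bool:
    """'*.example.org' (stored as '.example.org') matches exactly one extra label:
    imap.example.org yes; example.org itself and a.b.example.org no (RFC 6125 style)."""
    if not name.endswith(suffix):
        return False
    head = name[:-len(suffix)]
    return bool(head) and "." not in head


class CertConfig:
    def __init__(self, text: str) -> None:
        self.defaults = {}
        self.exact = {}      # normalized SNI name -> settings (hash lookup)
        self.wildcards = []  # (".suffix", settings), scanned in config order
        self.networks = []   # (ip_network, settings), scanned in config order
        self._parse(text)

    def _parse(self, text: str) -> None:
        current = None  # settings dict of the open block, None at top level
        for lineno, raw in enumerate(text.splitlines(), 1):
            line = raw.strip()
            if not line or line.startswith("#"):
                continue
            if line == "}":
                current = None
                continue
            m = _BLOCK_RE.match(line)
            if m:
                if current is not None:
                    raise ValueError(f"line {lineno}: nested blocks not supported here")
                kind, args = m.groups()
                current = {}
                for arg in args.split():  # several names/networks share one block
                    if kind == "local":
                        self.networks.append((ipaddress.ip_network(arg, strict=False), current))
                        continue
                    name = normalize_name(arg[2:] if arg.startswith("*.") else arg)
                    if name is None:
                        raise ValueError(f"line {lineno}: bad hostname {arg!r}")
                    if arg.startswith("*."):
                        self.wildcards.append(("." + name, current))
                    else:
                        self.exact[name] = current
                continue
            m = _SETTING_RE.match(line)
            if not m:
                raise ValueError(f"line {lineno}: cannot parse {raw!r}")
            key, value = m.groups()
            (self.defaults if current is None else current)[key] = value
        if current is not None:
            raise ValueError("unterminated block at end of config")

    def select(self, sni: Optional[str], local_ip: str) -> dict:
        """Settings for one connection. Precedence is this example's choice, not a
        claim about Dovecot: exact SNI name, wildcard pattern, `local` network, defaults."""
        name = normalize_name(sni) if sni else None
        chosen = self.exact.get(name) if name else None  # O(1) dict lookup first
        if chosen is None and name:  # only on a miss do we scan the wildcard list
            chosen = next((s for suf, s in self.wildcards if wildcard_match(suf, name)), None)
        if chosen is None:
            addr = ipaddress.ip_address(local_ip)
            chosen = next((s for net, s in self.networks if addr in net), None)
        merged = dict(self.defaults)
        merged.update(chosen or {})
        return merged
```

`CertConfig(SAMPLE_CONFIG).select("imap.example.com", "203.0.113.5")["ssl_cert"]` yields the mail.example.com certificate, a bare IP such as `local 192.0.2.0 {` becomes a /32 via `strict=False`, and an SNI value that fails `normalize_name` is treated as if no SNI had been sent rather than being used as a key. Because the wildcard list is consulted only after the dict misses, configs with many exact names keep their constant-time path; the scan cost applies only to names that no exact block covers.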