Google multi domain certificates. Comodo sells a multi domain wild card certificate that we use to host multiple SSL domains on dovecot and postfix successfully. You install the single certificate and reissue and reinstall after adding a new domain.
On Mar 2, 2016, at 2:02 AM, Jean-Baptiste Vignaud <flint42@gmail.com> wrote:
Hello all;
Is anyone knows if it's possible to have a dual certificate setup on dovecot like in postfix or apache ?
i tried to add several crts in local name section :
local_name imap.server.tdl { ssl_cert = <server_rsa_crt.pem ssl_key = <server_rsa_key.pem ssl_cert = <server_ecdsa_crt.pem ssl_key = <server_ecdsa_key.pem }
but it seems that dovecot takes the last one (ecdsa) and that rsa cert is not used.
to check if booth are working, i check with openssl:
openssl s_client openssl s_client -connect imap.server.tdl:143 -starttls imap -servername imap.server.tdl -cipher ECDHE-RSA-AES128-GCM-SHA256 for rsa
and
openssl s_client openssl s_client -connect imap.server.tdl:143 -starttls imap -servername imap.server.tdl -cipher ECDHE-ECDSA-AES128-GCM-SHA256 for ecdsa
In apache we have to duplicate the cert / key lines one for rsa, one for edcda.
In postfix, we have some specific ecdsa conf keys.
So is there a way to do the same in dovecot ?