I am still on 2.3; however, I think it's just a dot, not a *.

local_name .scom.ca {
  ssl_key = </usr/local/etc/dovecot/scom.pem
  ssl_cert = </usr/local/etc/dovecot/scom.pem
  ssl_ca = </usr/local/etc/dovecot/scom.pem
}

Maybe try that.
Thanks - Paul Kudla (Manager SCOM.CA Internet Services Inc.)
Have A Happy Saturday !!!
Scom.ca Internet Services <http://www.scom.ca> 004-1009 Byron Street South Whitby, Ontario - Canada L1N 4S3
Toronto 416.642.7266 Main 1.866.411.7266 Fax 1.888.892.7266 Email paul@scom.ca
On 2025-02-27 9:09 a.m., Julius Kriukas via dovecot wrote:
Hi,
Using a wildcard host name in the local_name filter no longer works in Dovecot 2.4.0. This is useful for wildcard certificates.

Example dovecot.conf:

ssl_server_cert_file = /etc/dovecot/global.cert
ssl_server_key_file = /etc/dovecot/global.key
ssl_server_dh_file = /etc/dovecot/dh.pem
...
local_name "*.example.com" {
  ssl_server_cert_file = /etc/dovecot/example.com.cert
  ssl_server_key_file = /etc/dovecot/example.com.key
}
local_name "example.com" {
  ssl_server_cert_file = /etc/dovecot/example.com.cert
  ssl_server_key_file = /etc/dovecot/example.com.key
}

The configuration is tested with:

openssl s_client -connect mail.example.com:993
openssl s_client -connect example.com:993

The first connection to mail.example.com fails because Dovecot uses the default global.cert file.

The second test with the exact host name match works as expected. Dovecot uses the example.com.cert file.

Similar to the previously reported multiple hosts on the same line discrepancy, it seems that the doveconf tool still has the wildcard matching support:

# doveconf -f local_name=mail.example.com ssl_server
ssl_server {
  cert_file = /etc/dovecot/example.com.cert
  dh_file = /etc/dovecot/dh.pem
  key_file = /etc/dovecot/example.com.key
}

Is there a new way to achieve the wildcard matching behaviour of the local_name filter in Dovecot 2.4.0? Thanks.
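
A scripted form of the openssl s_client test described in the thread, as an added example that is not part of either message: it sends each name as SNI and compares the fingerprint of the served certificate with the one in the configured file. The function names are hypothetical; the host names, port 993 and file path in the usage comment are the ones from the example configuration.

```python
import hashlib
import socket
import ssl
import sys

BEGIN, END = "-----BEGIN CERTIFICATE-----", "-----END CERTIFICATE-----"


def fingerprint(der: bytes) -> str:
    """SHA-256 fingerprint (hex) of a DER-encoded certificate."""
    return hashlib.sha256(der).hexdigest()


def pem_file_fingerprint(path: str) -> str:
    """Fingerprint of the first certificate in a PEM file (a key or chain in the same file is ignored)."""
    with open(path) as fh:
        pem = fh.read()
    leaf = pem[pem.index(BEGIN):pem.index(END) + len(END)]
    return fingerprint(ssl.PEM_cert_to_DER_cert(leaf))


def served_der(sni: str, host: str, port: int = 993, timeout: float = 5.0) -> bytes:
    """Connect to host:port, send `sni` as the TLS server name, return the leaf cert."""
    ctx = ssl.create_default_context()
    ctx.check_hostname = False       # verification is off on purpose: a fallback
    ctx.verify_mode = ssl.CERT_NONE  # certificate must be reported, not rejected
    with socket.create_connection((host, port), timeout=timeout) as raw:
        with ctx.wrap_socket(raw, server_hostname=sni) as tls:
            return tls.getpeercert(binary_form=True)


def check_sni(expected: dict, fetch=served_der) -> dict:
    """Return {sni: True/False}: does the served certificate match the expected one?"""
    return {sni: fingerprint(fetch(sni, sni)) == want for sni, want in expected.items()}


if __name__ == "__main__":
    # Usage: check_sni.py /etc/dovecot/example.com.cert mail.example.com example.com
    want = pem_file_fingerprint(sys.argv[1])
    results = check_sni({name: want for name in sys.argv[2:]})
    for name, ok in results.items():
        print(f"{name}: {'expected certificate' if ok else 'DIFFERENT certificate served'}")
    sys.exit(0 if all(results.values()) else 1)
```

The non-zero exit status when any name gets a different certificate makes this usable as a check after a Dovecot upgrade or configuration change.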