On 2019-09-07 12:25, remo--- via dovecot wrote:
What is the best way to adopt multiple certs?
Thanks.
/etc/dovecot/conf.d/10-ssl.conf
Primary SSL certificate:
# SSL/TLS support: yes, no, required.
("yes" or "required" - I use required)
# Minimum SSL protocol version to use. Potentially recognized values are SSLv3, # TLSv1, TLSv1.1, and TLSv1.2, depending on the OpenSSL version used. ssl_min_protocol = TLSv1
# PEM encoded X.509 SSL/TLS certificate and private key. They're opened before # dropping root privileges, so keep the key file unreadable by anyone but # root. Included doc/mkcert.sh can be used to easily generate self-signed # certificate, just make sure to update the domains in dovecot-openssl.cnf ssl_cert =
Secondary SSL certificates (I add this at the bottom of the file)
local_name mail.domain2.tld {
ssl_cert = </etc/ssl/private/mail-domain2-tld.crt
ssl_key = </etc/ssl/private/mail-domain2-tld.key}