23 Dec
2016
23 Dec
'16
7:10 a.m.
On Sat, Dec 17, 2016 at 1:35 PM, Mark Constable <markc@renta.net> wrote:
I want to supply separate Letsencrypt certificates for each virtual domain and seeing that SNI does not work I need to allocate separate IPs. Could anyone give some pointers, or keywords to search for, on...
a) how to make dovecot listen for different domains on different IPs?
b) how to configure separate SSL certs for each of these IPs?
The way we do it is by specifying each IP address and certificate in 10-ssl.conf
ssl = yes
local xxx.xxx.xxx.xxx { # instead of IP you can also use hostname, which will be resolved
protocol imap {
ssl_cert = </usr/local/etc/postfix/keys/domainA.crt
ssl_key = </usr/local/etc/postfix/keys/domainA.key
}
}
local xxx.xxx.xxx.xxx { # instead of IP you can also use hostname, which will be resolved
protocol imap {
ssl_cert = </usr/local/etc/postfix/keys/domainB.crt
ssl_key = </usr/local/etc/postfix/keys/domainB.key
}
}
.........
Hope that helps