On 27/04/2022 22:14 Kees van Vloten <keesvanvloten@gmail.com> wrote:
Hi all,
I am trying to setup dovecot to listen to imaps on the local network and through haproxy from the internet.
service imap-login { inet_listener imaps { port = 993 ssl = yes } inet_listener imaps_haproxy { haproxy = yes port = 10993 ssl = yes } }
Obviously the dns-name on the internet connection (10993) is different than on the lan (993).
In the docs (https://doc.dovecot.org/configuration_manual/dovecot_ssl_configuration/) I found multiple options, but unfortunately none of those have the option to distinguish per listen port.
Is there a way to setup two different certificates for the two listeners?
- Kees
Hi!
Currently port is not supported. What we usually recommend here is that you use haproxy to distribute connections to different local IP addresses and use
local 127.0.0.5/32 { ssl_cert=</path ssl_key=</path }
Aki