On 10 March 2018 at 05:58 "@lbutlr" < kremels@kreme.com> wrote:


On 2018-02-25 (09:31 MST), David Favor < david@davidfavor.com> wrote:
}
local_name imap.cydec.com {
ssl_cert = </etc/letsencrypt/live/imap.cydec.com/fullchain.pem
ssl_key = # hidden, use -P to show it
}
Doesn't this still require a default t(top level) cert besides the one specified for local_name?

Also, is there any reason to use local_name if your local name matches your server? the point is to be able to provide a cert for example.org when your domain is example.com, right?

--
Don't congratulate yourself too much, or berate yourself either. You
choices are half chance; so are everybody else's.


A default cert is always needed. If you have only one certificate don't use local_name.
---
Aki Tuomi