In dovecot 1 I was able to do something like this:
protocol imap {
ssl_cert = cert-imap.pem
ssl_key = key-imap.pem
}
local ww.xx.yy.zz {
protocol imap {
ssl_cert = cert-imap-ww.xx.yy.zz.pem
ssl_key = key-imap-ww.xx.yy.zz.pem
}
}The intent is ww.xx.yy.zz is an externally routable IP address which has a Cert signed by a real CA, other addresses are internal which have a variety of domain names, signed by a self-signed cert.
That worked in dovecot 1, but in dovecot 2 I get the error: "Conflict in setting ssl_cert found from filter".
Weirdly, this works in dovecot 2:
local 0.0.0.0/0 { ssl_cert = cert-imap.pem ssl_key = key-imap.pem }
local ww.xx.yy.zz { ssl_cert = cert-imap-ww.xx.yy.zz.pem ssl_key = key-imap-ww.xx.yy.zz.pem }
But this doesn't:
local 0.0.0.0/0 { protocol imap { ssl_cert = cert-imap.pem ssl_key = key-imap.pem } }
local ww.xx.yy.zz { protocol imap { ssl_cert = cert-imap-ww.xx.yy.zz.pem ssl_key = key-imap-ww.xx.yy.zz.pem } }
It smells like a bug.
Anyway, does anybody know of a way to port my config to dovecot 2?