Domains on different IPs
I want to supply separate Letsencrypt certificates for each virtual domain and seeing that SNI does not work I need to allocate separate IPs. Could anyone give some pointers, or keywords to search for, on...
a) how to make dovecot listen for different domains on different IPs?
b) how to configure separate SSL certs for each of these IPs?
On December 17, 2016 at 1:35 PM Mark Constable <markc@renta.net> wrote:
I want to supply separate Letsencrypt certificates for each virtual domain and seeing that SNI does not work I need to allocate separate IPs. Could anyone give some pointers, or keywords to search for, on...
a) how to make dovecot listen for different domains on different IPs?
b) how to configure separate SSL certs for each of these IPs?
Au contraire, dovecot does support SNI. On earlier versions, it works by specifying
local_name server.name { ssl_cert=</path/to/cert ssl_key=</path/to/key }
with 2.2.27, you can also do
local_name "some.name other.name more.name *.name" { ssl_cert=</path/to/cert ssl_key=</path/to/key }
Aki
On Sat, Dec 17, 2016 at 1:35 PM, Mark Constable <markc@renta.net> wrote:
I want to supply separate Letsencrypt certificates for each virtual domain and seeing that SNI does not work I need to allocate separate IPs. Could anyone give some pointers, or keywords to search for, on...
a) how to make dovecot listen for different domains on different IPs?
b) how to configure separate SSL certs for each of these IPs?
The way we do it is by specifying each IP address and certificate in 10-ssl.conf
ssl = yes
local xxx.xxx.xxx.xxx { # instead of IP you can also use hostname, which will be resolved
protocol imap {
ssl_cert = </usr/local/etc/postfix/keys/domainA.crt
ssl_key = </usr/local/etc/postfix/keys/domainA.key}
}
local xxx.xxx.xxx.xxx { # instead of IP you can also use hostname, which will be resolved
protocol imap {
ssl_cert = </usr/local/etc/postfix/keys/domainB.crt
ssl_key = </usr/local/etc/postfix/keys/domainB.key}
}
.........
Hope that helps
-- George Kontostanos
participants (3)
-
Aki Tuomi
-
George Kontostanos
-
Mark Constable