[Dovecot] dovecot with different POP3S / IMAPS Certs
Hi,
I'm new to dovecot, but actually planning to switch a wide WU-IMAP/POP installation to dovecot.
With WU-IMAP, a different certificate can be used by pop3s and imaps, allowing both server to be reachable through different hostnames,without SSL complaints on the client side; this is mostly used for scalability.
I'm trying to do the same thing with dovecot; that is having dovecot using a different certificate for it's pop3s instance and imaps instance.
Unfortunately, in dovecot configuration file, only one certificate can be set; used by both pop3s / imaps.
Any idea of the best way to handle this ?
Thanks ! Vincent.
-- Vincent Jaussaud Kelkoo.com Security Manager email: tatooin@kelkoo.com GPG key: 1024D/3BFE3FC7 2002-02-07
"Those who desire to give up freedom in order to gain security will not have, nor do they deserve, either one." -- President Thomas Jefferson. 1743-1826
On 9.11.2004, at 15:51, Vincent Jaussaud wrote:
With WU-IMAP, a different certificate can be used by pop3s and imaps, allowing both server to be reachable through different hostnames,without SSL complaints on the client side; this is mostly used for scalability.
I'm trying to do the same thing with dovecot; that is having dovecot using a different certificate for it's pop3s instance and imaps instance.
Unfortunately, in dovecot configuration file, only one certificate can be set; used by both pop3s / imaps.
With 0.99.x it's not possible, so you'd have to run two Dovecot instances.
With 1.0-tests I think this should work:
protocol pop3 { ssl_cert_file = ... }
protocol imap { ssl_cert_file = ... }
With 0.99.x it's not possible, so you'd have to run two Dovecot instances.
Timo,
First thanks for providing this great open source software to the community.
Now, I just saw some posts where you said 0.99.x wasn't very good as a POP3 server.
Therefore, I think I'll just keep using WU-IPOP3D until dovecot 1.0 is released.
Any idea when it's going to happen ?
Thanks. Vincent.
With 1.0-tests I think this should work:
protocol pop3 { ssl_cert_file = ... }
protocol imap { ssl_cert_file = ... }
Vincent Jaussaud Kelkoo.com Security Manager email: tatooin@kelkoo.com GPG key: 1024D/3BFE3FC7 2002-02-07
"Those who desire to give up freedom in order to gain security will not have, nor do they deserve, either one." -- President Thomas Jefferson. 1743-1826
participants (2)
-
Timo Sirainen
-
Vincent Jaussaud