[Dovecot] Dovecot replies with default SSL certificate instead of the vhost's
Shadi Habbal
sh.habbal at hotmail.com
Mon Sep 16 01:30:56 EEST 2013
Simply put, didn't know it was a limitation of POP3s.
Note taken.
Thanks
----------------------------------------
> Date: Mon, 16 Sep 2013 00:09:46 +0200
> From: h.reindl at thelounge.net
> To: dovecot at dovecot.org
> Subject: Re: [Dovecot] Dovecot replies with default SSL certificate instead of the vhost's
>
>
>
> Am 15.09.2013 23:45, schrieb Shadi Habbal:
>> I'm using dovecot v2.0.21.
>>
>> According to http://wiki2.dovecot.org/SSL/DovecotConfiguration,
>> dovecot 2.x supports different SSL certificate for different virtual hosts by using "local_name" directive, but I can't get it to work.
>>
>> When testing the certificate using "openssl s_client -connect domain.com:pop3s" I get the default certificate instead of domain.com's
>
> you did read "With client TLS SNI (Server Name Indication) support"
> and "Different certificates per IP and protocol"
>
> http://en.wikipedia.org/wiki/Server_Name_Indication
>
> on POP3s (995) you have *most likely* no SNI and even with
> STATTLS only less chances to work relieable with different
> clients which is also part of the documentation you refer to
>
> why do people waste their time with such useless things instead setup
> "mail.yourcompany.tld" and tell every user exactly tjis hostname?
>
> servernames in case of *email* are worthless becasue you do
> not have different document roots
>
More information about the dovecot
mailing list