Re: Multidomain ssl config ?
Jürgen Echter
j.echter at echter-kuechen-elektro.de
Wed Jun 29 20:00:35 UTC 2022
Am Mittwoch, Juni 29, 2022 21:24 CEST, schrieb Maurizio Caloro <mauric at gmx.ch>:
> on postfix now this seems to run, and with dovecot i need also handle this two domains,
> but appairing this error messages. like:
>
> Jun 29 20:49:28 Dovecot/imap-login: Info: Disconnected (no auth attempts in 0 secs): user=<>,
> rip=a.b.c.d, lip=37.120.190.188, TLS handshaking: SSL_accept() failed: error:14094416:SSL routines:
> ssl3_read_bytes:sslv3 alert certificate unknown: SSL alert number 46, session=<FdklDjkdfrkfi>
>
> Running with Debian Buster
>
> # dovecot --version
> 2.3.4.1 (f79e8e7e4)
>
> # nmail.caloro.ch
> local_name nmail.caloro.ch {
> ssl_cert = </etc/letsencrypt/live/nmail.caloro.ch/privkey.pem
> ssl_key = </etc/letsencrypt/live/nmail.caloro.ch/fullchain.pem
> }
> # nmail.calm-ness.ch
> local_name nmail.calm-ness.ch {
> ssl_cert = </etc/letsencrypt/live/nmail.calm-ness.ch/privkey.pem
> ssl_key = </etc/letsencrypt/live/nmail.calm-ness.ch/fullchain.pem
> }
>
> thanks for possible help
>
>
>
Hi,
the config says "You will still need a top-level default ssl_key and ssl_cert as well, or you will receive errors."
I don't know if this is also a must have for SNI, as it is noted for multipe certifcates per IP.
https://doc.dovecot.org/configuration_manual/dovecot_ssl_configuration/#dovecot-ssl-configuration
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/pkcs7-signature
Size: 5655 bytes
Desc: not available
URL: <https://dovecot.org/pipermail/dovecot/attachments/20220629/3be16cc1/attachment.bin>
More information about the dovecot
mailing list