multi-domain - multiple SSL certificates
Toke Høiland-Jørgensen
toke at toke.dk
Tue Feb 3 19:00:07 CET 2015
Axel <ar at xlrs.de> writes:
> i don't know exactly, but you can configure postfix to listen on multiple ip-
> adresses or ports. perhaps it's usable with a configuration like this
> http://blog.wpkg.org/2013/07/31/postfix-and-multiple-ssl-certificates/
>
> And I don't know how to use certificates with multiple domains on a single IP
> with an IMAP server...
I have a multi-domain setup for kolab with several SSL certificates
using the method in the link above for postfix, and using SNI on the web
server.
For cyrus-imap, what you do is edit /etc/cyrus.conf. It will have lines
like this in the SERVICES section:
imaps cmd="imapd -s" prefork=5
What you do is simply duplicate these lines and add a listen= parameter.
I have this:
imaps cmd="imapd -s" listen="hostx.example.org:imaps" prefork=5
imapslocal cmd="imapd -s" listen="localhost:imaps" prefork=5
imapshosty cmd="imapd -s -C /etc/imapd.hosty.conf" listen="hosty.example.com:imaps" prefork=5
The file /etc/imapd.hosty.conf is just a copy of /etc/imapd.conf where
the tls_* keys are exchanged to point to the other certificate.
You can do the same sort of duplication for the sieve server if you
support that...
-Toke
More information about the users
mailing list