On Sat, Dec 17, 2016 at 1:35 PM, Mark Constable <ma...@renta.net> wrote:
> I want to supply separate Letsencrypt certificates for each virtual domain > and seeing that SNI does not work I need to allocate separate IPs. Could > anyone give some pointers, or keywords to search for, on... > > a) how to make dovecot listen for different domains on different IPs? > > b) how to configure separate SSL certs for each of these IPs? > The way we do it is by specifying each IP address and certificate in 10-ssl.conf ssl = yes local xxx.xxx.xxx.xxx { # instead of IP you can also use hostname, which will be resolved protocol imap { ssl_cert = </usr/local/etc/postfix/keys/domainA.crt ssl_key = </usr/local/etc/postfix/keys/domainA.key } } local xxx.xxx.xxx.xxx { # instead of IP you can also use hostname, which will be resolved protocol imap { ssl_cert = </usr/local/etc/postfix/keys/domainB.crt ssl_key = </usr/local/etc/postfix/keys/domainB.key } } ......... Hope that helps -- George Kontostanos ---