Thanks Michael I will check with the free cert lets encrypt to test it. Remo
> Il giorno 7 set 2019, alle ore 02:09, Michael Hallager via dovecot > <dovecot@dovecot.org> ha scritto: > > On 2019-09-07 12:25, remo--- via dovecot wrote: >> What is the best way to adopt multiple certs? >> Thanks. > > /etc/dovecot/conf.d/10-ssl.conf > > Primary SSL certificate: > > # SSL/TLS support: yes, no, required. <doc/wiki/SSL.txt> > #ssl = yes > ssl = required > > ("yes" or "required" - I use required) > > # Minimum SSL protocol version to use. Potentially recognized values are > SSLv3, > # TLSv1, TLSv1.1, and TLSv1.2, depending on the OpenSSL version used. > ssl_min_protocol = TLSv1 > > # PEM encoded X.509 SSL/TLS certificate and private key. They're opened before > # dropping root privileges, so keep the key file unreadable by anyone but > # root. Included doc/mkcert.sh can be used to easily generate self-signed > # certificate, just make sure to update the domains in dovecot-openssl.cnf > ssl_cert = </etc/ssl/private/mail-domain-tld.crt > ssl_key = </etc/ssl/private/mail-domain-tld.key > > Secondary SSL certificates (I add this at the bottom of the file) > > local_name mail.domain2.tld { > > ssl_cert = </etc/ssl/private/mail-domain2-tld.crt > ssl_key = </etc/ssl/private/mail-domain2-tld.key > > }