Hi Wietse, Viktor,
Thanks for the references/links.
On Thu, 31 Mar 2011 12:19 -0400, "Victor Duchovni"
<victor.ducho...@morganstanley.com> wrote:
> > So, in addition to the SSL certs for mynet{1,2,3}.net I have a wildcard
> > for *.mydomain.net.
>
> Whatever single certificate works for you. Wildcard certs from real
> CAs used to be expensive. If your cert is self-signed nobody cares
> what names it contains. More typical (more affordable in most cases)
> are SAN (subjectAltName) certs from real CAs that list multiple names.
Great, then I think I'm set.
Just for reference for other users, I've 'real' wildcard SSL certs for
$99/yr from Comodo. A 'real' 5-cert SAN SSL from GoDaddy, great for
mixing various domains, is $80/yr.
Per your suggestion, I'm going to deploy the single-cert,
multiple-domain solution, with pre- & post-filter Postfix instances @
the edge; Zimbra on the LAN.
I'm not yet exactly sure how to best sync info/data between the various
Postfix instances ... I'm guessing that may be as simple as scp'ing
files across the net, but I'll nee to dig/read.
Thanks!
DChil
