Hi,

Using a wildcard host name in the `local_name` filter no longer works in Dovecot 2.4.0. This is useful for wildcard certificates.

Example `dovecot.conf`:

```
ssl_server_cert_file = /etc/dovecot/global.cert
ssl_server_key_file = /etc/dovecot/global.key
ssl_server_dh_file = /etc/dovecot/dh.pem
...
local_name "*.example.com" {
 ssl_server_cert_file = /etc/dovecot/example.com.cert
 ssl_server_key_file = /etc/dovecot/example.com.key
}
local_name "example.com" {
 ssl_server_cert_file = /etc/dovecot/example.com.cert
 ssl_server_key_file = /etc/dovecot/example.com.key
}
```

The configuration is tested with:

```
openssl s_client -connect mail.example.com:993
openssl s_client -connect example.com:993
```

The first connection to mail.example.com fails because Dovecot uses the default `global.cert` file.

The second test with the exact host name match works as expected. Dovecot uses the `example.com.cert` file.

Similar to the previously reported multiple hosts on the same line discrepancy, it seems that the `doveconf` tool still has the wildcard matching support:

```
# doveconf -f local_name=mail.example.com ssl_server
ssl_server {
  cert_file = /etc/dovecot/example.com.cert
  dh_file = /etc/dovecot/dh.pem
  key_file = /etc/dovecot/example.com.key
}
```

Is there a new way to achieve the wildcard matching behaviour of the local_name filter in Dovecot 2.4.0? Thanks.

--
Julius Kriukas


_______________________________________________
dovecot mailing list -- dovecot@dovecot.org
To unsubscribe send an email to dovecot-le...@dovecot.org
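
Added example (not part of the original post and not Dovecot project code): a shell check for the discrepancy described above, comparing for each SNI name the certificate file that `doveconf` resolves with the certificate the running server actually presents. It assumes `doveconf` prints `cert_file = <path>` as in the post's output and that the certificate file is readable by the user running it; the function names and argument order are illustrative.

```shell
#!/bin/sh
# Added example: detect SNI names where the running Dovecot serves a different
# certificate than the one `doveconf -f local_name=NAME ssl_server` resolves.
# Usage (assumed): sh check_sni.sh HOST:PORT NAME [NAME...]

# Read doveconf output on stdin and print the cert_file path
# (format assumed to match the output quoted in the post).
cert_file_from_doveconf() {
  awk '$1 == "cert_file" && $2 == "=" { print $3; exit }'
}

# SHA-256 fingerprint of a certificate file on disk.
file_fp() {
  openssl x509 -in "$1" -noout -fingerprint -sha256 2>/dev/null | cut -d= -f2
}

# SHA-256 fingerprint of the leaf certificate presented for SNI name $1
# by the server at $2 (HOST:PORT). Empty if the handshake fails.
served_fp() {
  openssl s_client -connect "$2" -servername "$1" </dev/null 2>/dev/null |
    openssl x509 -noout -fingerprint -sha256 2>/dev/null | cut -d= -f2
}

# Compare expected ($2) and served ($3) fingerprints for name $1.
compare_fp() {
  if [ -n "$2" ] && [ "$2" = "$3" ]; then
    echo "OK $1"
  else
    echo "MISMATCH $1"
    return 1
  fi
}

# Resolve the expected cert via doveconf, then compare with what is served.
check_name() {
  expected_file=$(doveconf -f "local_name=$1" ssl_server | cert_file_from_doveconf)
  compare_fp "$1" "$(file_fp "$expected_file")" "$(served_fp "$1" "$2")"
}

if [ "$#" -ge 2 ]; then
  endpoint=$1
  shift
  status=0
  for name in "$@"; do
    check_name "$name" "$endpoint" || status=1
  done
  exit "$status"
fi
```

With the configuration from the post, running it against `mail.example.com` and `example.com` would report a mismatch for the first name only, since `doveconf` resolves `example.com.cert` for both while the server presents `global.cert` for the wildcard match.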