On 1/31/2014 12:59 PM, Israel Brewster wrote: > We are currently in the process of changing our domain name, and > were wondering if there was any way for postfix (and Dovecot, but > that’s a different mailing list) to present different certificates > depending on what domain name users are connecting with? That is, > for a period of time we want users to be able to connect using > either the old domain name or the new domain name, without getting > an error. We don’t, however, want to separate the domains - a given > user should be able to receive and send mail from either domain > interchangeably, as per the mydestination configuration directive > (as I understand it). Is this possible, or will we need to simply > change the certificate to the new domain, with the caveat that some > users will be getting certificate errors until we can get around to > changing their setup? >
Your best bet is to set up the new domain name on a separate IP address, and present the proper certificates there. You can configure a single postfix instance to listen on multiple IPs and define which certificate goes with which IP using master.cf -o overrides. -- Noel Jones
