This is what I do on a mail server that I set up to consolidate the functions
of several previous postfix servers.
In main.cf, I have it set up to listen on the primary IP address for the
server, and tell it to use the certificates for that primary hostname using
smtp_tls_cert_file, smtpd_tls_cert_file, and the other TLS options. Then, in
master.cf, I configure a second IP address, and set the options for that
listener:
other.mail.server:smtp inet n - n - 0 smtpd
-o myhostname=other.mail.server
-o smtp_tls_cert_file=/path/to/certfile.pem
-o smtpd_tls_cert_file=/path/to/certfile.pem
It seems to work pretty well for us. A wildcard certificate or one with
multiple subject alternate names will also work, but those tend to be more
expensive.
Brian
--
Brian Sebby ([email protected]) | Infrastructure and Operation Services
Phone: +1 630.252.9935 | Computing and Information Systems
Cell: +1 630.921.4305 | Argonne National Laboratory
> On Dec 11, 2015, at 8:00 AM, José Roberto <[email protected]> wrote:
>
> Hi,
>
> I think it's possible based on master.cf, you could set specific doamin for a
> smtp or submission and you set a specific TLS certificate in that process,
> like we use for ehlo for a different IP and ehlo for a specific domain, but
> you need testing it.
>
>
>
> José Roberto
> E-mail: [email protected] <mailto:[email protected]> | Skype: zeponi | ICQ:
> 159416293
> Informações profissionais: http://br.linkedin.com/in/jralves
> <http://br.linkedin.com/in/jralves>
>
> Date: Fri, 11 Dec 2015 09:11:04 +0100
> Subject: postfix and multiple TLS certificates
> From: [email protected]
> To: [email protected]
>
> Hi,
>
> is it possible to configure in Postfix multiple TLS certificates.
> For example, on my LAN relay server I must configure TLS for the unix domains
> and for windows domains. Both domains use different names. How to manage that
> part ?
>
> How to generate certificates than ? Is it possible to map some how TLS
> certificates for the different domains ?
>
>
> Thanks in advance for Your support.
>
>
> Zalezny
