On 25.05.18 12:41, Poliman - Serwis wrote:
I have server created based on Perfect Server tutorial for Ubuntu 16.04. Is it possible to assign to postfix/dovecot as many lets encrypt ssl certs as possible?
why? is it a problem to generate single Let's Encrypt certificate for multiple domains?
I have 20 domains on the server but postfix uses ispserver.crt and ispserver.key certs generated by letsencrypt: lrwxrwxrwx 1 root root 48 Mar 13 07:42 smtpd.cert -> /usr/local/ispconfig/interface/ssl/ispserver.crt lrwxrwxrwx 1 root root 48 Mar 13 07:42 smtpd.key -> /usr/local/ispconfig/interface/ssl/ispserver.key which are from: lrwxrwxrwx 1 root root 50 Nov 3 2017 ispserver.crt -> /etc/letsencrypt/live/s1.example.net/fullchain.pem lrwxrwxrwx 1 root root 48 Nov 3 2017 ispserver.key -> /etc/letsencrypt/live/s1.example.net/privkey.pem For each domain except server fqdn I have certificate mismatch in mail client. Sending emails works but I would like to fix certs mismatch.
unless you have multiple IP addresses on your server (in which case you can configure multiple smtpd services on them, each one with different certificate), you will need server-side SNI (server name indication) on postfix then. other trick I have noticed is to use SNI-capable reverse SSL proxy. -- Matus UHLAR - fantomas, uh...@fantomas.sk ; http://www.fantomas.sk/ Warning: I wish NOT to receive e-mail advertising to this address. Varovanie: na tuto adresu chcem NEDOSTAVAT akukolvek reklamnu postu. (R)etry, (A)bort, (C)ancer
