Thanks all that Answered
The Private-key now I delte on every entry on main.cf and only the fullchain
are enabled, thanks
One more point, if checking with tls-check the domains: Caloro.ch0 fine,
calm-ness.ch are still error
Remaining. Configure also the local DNS Server with me two domains, but
always finish with this.
tlsCheck-Calm-ness.ch -> Cert Hostname DOES NOT VERIFY (nmail.calm-ness.ch
!= nmail.caloro.ch | DNS:nmail.caloro.ch)
tlsCheck-Calm-ness.ch -> So email is encrypted but the host is not verified
Thanks for any help
Regards
Mauri
-----Ursprüngliche Nachricht-----
Von: owner-postfix-us...@postfix.org <owner-postfix-us...@postfix.org> Im
Auftrag von Viktor Dukhovni
Gesendet: Samstag, 18. Juni 2022 02:49
An: postfix-users@postfix.org
Betreff: Re: Postfix - Mysql - howto MultipleDomain?
On Sat, Jun 18, 2022 at 09:05:07AM +1000, raf wrote:
> Even if the middle pair were in the right order, and even if they
> successfully replaced the first pair (which might not be a thing
> anyway), it would still end up with a single RSA certificate, not
> both.
Correct. For multiple MTA personalities there's SNI (generally not a good
practice, we have MX records for serving multiple domains on a single SMTP
server). This requires lookup tables that map various names to non-default
certificate chains.
--
Viktor.
