>> Thank you for your hints and sorry for the late followup. busy and stuff.
>> thank you for your suggestions, I was aware of the csr-option but wanted
>> to avoid this, since it does not well automate with certbot.
>
> Sine "--csr" is a certbot option I am surprised to hear you say that
> "it do
> On Apr 25, 2017, at 4:59 PM, G. Schlisio wrote:
>
>> It is also possible to avoid DANE TLSA changes while rolling over
>> Let's Encrypt keys:
>>
>>
>> http://postfix.1071664.n5.nabble.com/WoSign-StartCom-CA-in-the-news-td86436.html#a86444
>> https://community.letsencrypt.org/t/new-certbo
>
>> On Apr 6, 2017, at 5:02 PM, G. Schlisio wrote:
>>
>> I wonder if it is possible to have one cert per port postfix is serving
>> on, eg one for 25 and one for 587.
>
> Yes.
>
>master.cf:
> submission inet ... smtpd
>-o smtpd_tls_cert_file=$mua_tls_cert_file
>-o smtp
> On Apr 6, 2017, at 5:02 PM, G. Schlisio wrote:
>
> I wonder if it is possible to have one cert per port postfix is serving
> on, eg one for 25 and one for 587.
Yes.
master.cf:
submission inet ... smtpd
-o smtpd_tls_cert_file=$mua_tls_cert_file
-o smtpd_tls_key_file=$mua
Hi all,
I wonder if it is possible to have one cert per port postfix is serving
on, eg one for 25 and one for 587.
Background of this:
for user interaction (mainly on port 587) I would like to use my signed
letsencrypt cert which changes fairly often.
For interaction of servers I would like to us
