Re: SSL/TLS certificates with virtual domains

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



Goetz Babin-Ebell wrote:

> This question pops up occasionally in most list concerning SSL.
> 
> You can only use one certificate for one IP address / port pair.
> 
> If you have several IP addresses on your host,
> you can run several insances of cyrus to listen on
> the different IP addresses and every one of them having it's own
> certificate.

I do indeed have an IP address for each virtual host, so that should be
okay.

> If all of your servers share the same IP address it is not possible.
> If you have different IP addresses, use something like:
> 
> cyrus.conf:
> SERVICES {
>  imap   cmd="imapd" listen="imap" prefork=1
>  imaps  cmd="imapd -s -C /etc/imapd1.conf" listen="192.168.0.1:imaps"
> prefork=0
>  imaps  cmd="imapd -s -C /etc/imapd2.conf" listen="192.168.0.2:imaps"
> prefork=0

How much configuration similarity does there have to be between the
different config files?  Can I change anything except for the
tls_[*]_file directives?

Thanks very much for the information!  I think this could work for us.

Nels Lindquist
----
Cyrus Home Page: http://cyrusimap.web.cmu.edu/
Cyrus Wiki/FAQ: http://cyrusimap.web.cmu.edu/twiki
List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html

[Index of Archives]     [Cyrus SASL]     [Squirrel Mail]     [Asterisk PBX]     [Video For Linux]     [Photo]     [Yosemite News]     [gtk]     [KDE]     [Gimp on Windows]     [Steve's Art]

  Powered by Linux