On 14/12/2009 09:10, Michael Menge wrote: > Quoting Nybbles2Byte <nybbles2byte@xxxxxxxxx>: > >> Hello, >> >> Is there a way to have the "tls_..." options in the imap.conf file >> work for multiple domains so that as many virtual domains as you want >> can authenticate without the client software popping up warnings like >> "certificate does not match this server" ? >> > > It depends on your Problem. If these virtual domains are all subdomains > of one domain you can use wildcard domains. If there are few virtual > domains and they don't change to often you can try the subject alternate > name attribute. > > For https the Problem is solved by server name indication. But the server > and client have to support this. And it would suprise me if there are > any IMAP server or clients that support server name indication. > If the above solutions (subjectAltName, wildcard) is not acceptable for you, your best bet is probably to use several imapd listener processes, each with its own IP address and imapd.conf. What I would do, however, is use the same name for all customers when they want to connect using SSL/TLS, and the virtual domain ID would be determined from the user id. Cheers, ---- Cyrus Home Page: http://cyrusimap.web.cmu.edu/ Cyrus Wiki/FAQ: http://cyrusimap.web.cmu.edu/twiki List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html
