For example, is one defines these services in /etc/cyrus.conf:
One might then define different TLS options in /etc/imapd.conf:imap cmd="imapd -U 30" listen="imap" prefork=0 maxchild=100 imaps cmd="imapd -s -U 30" listen="imaps" prefork=0 maxchild=100 http cmd="httpd -U 30" listen="8008" prefork=0 maxchild=100 https cmd="httpd -s -U 30" listen="8443" prefork=0 maxchild=100
This isn't well documented, but this same service-specific configuration option prefix capability exists throughout imapd.conf. See, for example, the mentions of ldap_tls_... option settings.tls_server_cert: /etc/letsencrypt/live/example.com/fullchain.pem tls_server_key: /etc/letsencrypt/live/example.com/privkey.pem https_tls_server_cert: /etc/letsencrypt/live/otherdomain.com/fullchain.pem https_tls_server_key: /etc/letsencrypt/live/otherdomain.com/privkey.pem
Cheers,
-nic
On 4/28/24 09:16, Marco Moock wrote:
Am 28.04.2024 um 02:42:54 Uhr schrieb hruodr@xxxxxxxxx:Well, may I ask, if anyone has cyrus' https running? With in Debian 12? With the version provided by debian?I have. It works for me. Regarding TLS, I only have those lines. Be aware that it is possible to use different certs for the protocols. Try a configuration like that: tls_server_cert: /etc/fullchain.pem tls_server_key: /etc/privkey.pem tls_client_ca_dir: /etc/ssl/certs
-- Nic Bernstein nic@xxxxxxxxxxxxxxxx https://www.nicbernstein.com
