> > Yes, assuming each domain is using a seperate IP address. Name the > certificates by IP address. esmtpd.pem.1.2.3.4 and such. It is not > possible to use multiple certificates with a single IP address hosting > multiple domains. This is a limitation of SSL not Courier, Apache has the > same limitation. There is apprently no way for the server to know which > domain was called at the start of the SSL session and thus, no way of > responding with the correct certificate. > > Jay > -- > Jay Lee > Network / Systems Administrator > Information Technology Dept. > Philadelphia Biblical University > -- >
Thanks for the prompt response, Jay. Yeah, we have one box (2 processors :), on one ip. This is just wishing now, but I wonder if there is a way to extend the ssl handler to be just like apache's handling of vhosts. IOW, pull the url name from the request, and use that to pick our cert. Seeing as how my ISP does not do ipv6, multiple ip addresses sorta eliminate the whole idea of having vhosts. Is this a thing that comes from the openssl libs? if so, maybe they need patching, and maybe an rfc somewhere needs to be revised. Thanks again for the info. Philip Howells PFC, 3-7 Cav. US Army -----BEGIN GEEK CODE BLOCK----- Version: 3.1 GAT d--(---)@ s+:- a23 C++@ UL+++>++++$ P+>+++$ !E----(nano) W++ N+ o? K? !w O- M@ V- PS--(+) PE++ Y+(++) PGP++ t 5 X+ !R- tv- b++ Dl+ D+ G e->++ h----(++) r+++ y+++(+++++) ------END GEEK CODE BLOCK------ ------------------------------------------------------- SF.Net email is Sponsored by the Better Software Conference & EXPO September 19-22, 2005 * San Francisco, CA * Development Lifecycle Practices Agile & Plan-Driven Development * Managing Projects & Teams * Testing & QA Security * Process Improvement & Measurement * http://www.sqe.com/bsce5sf _______________________________________________ courier-users mailing list [EMAIL PROTECTED] Unsubscribe: https://lists.sourceforge.net/lists/listinfo/courier-users
