Google multi domain certificates. Comodo sells a multi domain wild card certificate that we use to host multiple SSL domains on dovecot and postfix successfully. You install the single certificate and reissue and reinstall after adding a new domain.
> On Mar 2, 2016, at 2:02 AM, Jean-Baptiste Vignaud <[email protected]> wrote: > > Hello all; > > > Is anyone knows if it's possible to have a dual certificate setup on > dovecot like in postfix or apache ? > > i tried to add several crts in local name section : > > local_name imap.server.tdl { > ssl_cert = <server_rsa_crt.pem > ssl_key = <server_rsa_key.pem > ssl_cert = <server_ecdsa_crt.pem > ssl_key = <server_ecdsa_key.pem > } > > but it seems that dovecot takes the last one (ecdsa) and that rsa cert is > not used. > > > to check if booth are working, i check with openssl: > > openssl s_client openssl s_client -connect imap.server.tdl:143 -starttls > imap -servername imap.server.tdl -cipher ECDHE-RSA-AES128-GCM-SHA256 for > rsa > > and > > openssl s_client openssl s_client -connect imap.server.tdl:143 -starttls > imap -servername imap.server.tdl -cipher ECDHE-ECDSA-AES128-GCM-SHA256 for > ecdsa > > In apache we have to duplicate the cert / key lines one for rsa, one for > edcda. > > In postfix, we have some specific ecdsa conf keys. > > So is there a way to do the same in dovecot ? >
