Hello,

Our mail server daemons (exim, dovecot, courier-imap) are limited to one key/cert configuration per instance. But for certain reasons, we need the same service to be accessible by two different IP addresses/domain names, each with its own certs.

What I'm trying to do is the following:

server-a.com is the real daemon, e.g. exim listening on 1.1.1.1:smtps

server-b.com is listening on 1.1.1.2:smtps (with its own cert), but is routing/tunneling all traffic to server-a.com:smtps

Is this possible with openssl? I don't know how to do it. The problem is that the work isn't done by simply tunneling the data to server-a.com, because then the client would get a certificate-doesn't-match-with-domain error. server-b.com has to use the actual data (not the whole traffic including the SSL conversation) and establish a new connection to server-a.com.

If this cannot be done with openssl out of the box, how else could I do this?

Regards
Marten
______________________________________________________________________
OpenSSL Project                                 http://www.openssl.org
User Support Mailing List                    openssl-users@openssl.org
Automated List Manager                           [EMAIL PROTECTED]
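
The relay described in the message above (accept TLS under server-b.com's certificate, then open a separate connection to server-a.com and copy only the decrypted data), as an added example that is not part of the original post or of OpenSSL. It uses Python's `ssl` module, which wraps OpenSSL; the certificate file names and port 465 for smtps are assumptions.

```python
import asyncio
import ssl

async def _pump(reader, writer):
    """Copy already-decrypted bytes one way until EOF, then close the far side."""
    try:
        while data := await reader.read(65536):
            writer.write(data)
            await writer.drain()
    except OSError:  # resets and ssl.SSLError are OSError subclasses
        pass
    finally:
        writer.close()

def make_handler(host, port, ctx):
    async def handle(client_r, client_w):
        # Second, independent connection to the real daemon. With ctx set,
        # asyncio checks the backend certificate against host.
        try:
            back_r, back_w = await asyncio.open_connection(host, port, ssl=ctx)
        except OSError:
            client_w.close()  # fail closed: never forward without a backend
            return
        await asyncio.gather(_pump(client_r, back_w), _pump(back_r, client_w))
    return handle

async def start_relay(listen_host, listen_port, backend_host, backend_port,
                      listen_ctx=None, backend_ctx=None):
    """Listen with listen_ctx's certificate; None on both sides means plain TCP."""
    return await asyncio.start_server(
        make_handler(backend_host, backend_port, backend_ctx),
        listen_host, listen_port, ssl=listen_ctx)

def tls_contexts(certfile, keyfile):
    listen_ctx = ssl.SSLContext(ssl.PROTOCOL_TLS_SERVER)
    listen_ctx.minimum_version = ssl.TLSVersion.TLSv1_2
    listen_ctx.load_cert_chain(certfile, keyfile)  # server-b.com's own pair
    backend_ctx = ssl.create_default_context()  # verifies chain and hostname
    return listen_ctx, backend_ctx

async def main():
    # Assumed values: file names are placeholders, 465 is the smtps port.
    listen_ctx, backend_ctx = tls_contexts("server-b.crt", "server-b.key")
    server = await start_relay("1.1.1.2", 465, "server-a.com", 465,
                               listen_ctx, backend_ctx)
    async with server:
        await server.serve_forever()

if __name__ == "__main__":
    asyncio.run(main())
```

With a relay like this, server-a.com sees every relayed session as coming from the relay's address, so per-client IP rules and logs on the real daemon no longer reflect the original client.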