Hi all, In testing (and by reading the archives) I have found that postfix only supports one level of wildcard SSL certificates. That is to say, I can get a certificate for *.example.com that will match host1.example.com and host2.example.com, but won't match mail.host1.example.com or mail.host2.example.com.
Is there a particular reason behind this implementation, and is there any way to work around it? I understand that wildcard certs can be considered a security risk, but is the risk really much greater if it includes a longer hostname? Thanks for your time! Chris Simmons