Kenneth Porter on Wed 6/06 01:29 -0700:
> Ran into a problem running TLS on my server with 3 interfaces (2
> public, 1 LAN). The cert apparently has the server name encoded in it,
> but I have 3 server names, one per interface. Depending on which
> interface is called out by clients, they may get a cert mismatch
> error. How does one deal with this? Should there be one cert per
> interface, and should Qpopper use a different cert based on which
> interface the connection arrives on?
The answer is yes, you need a separate cert per interface. Bind qpopper
with different conf files which specify different certs, to the
different interfaces. xinetd makes this easy. We have the same issue
here. You just need to use the `bind' statement and make sure you
specify different `id's for them since the service name is no longer
enough.
