Amichai Rothman created JAMES-4024:
--------------------------------------
Summary: Add support for SNI (separate certificate per domain)
Key: JAMES-4024
URL: https://issues.apache.org/jira/browse/JAMES-4024
Project: James Server
Issue Type: New Feature
Components: protocols
Affects Versions: 3.8.1
Reporter: Amichai Rothman
Currently it is only possible to configure one global certificate for all TLS
communication of the entire server. However, many SMTP servers nowadays can be
configured to validate that a certificate matches the (mx record) domain name
when connecting to another SMTP server, and thus many SMTP servers also support
SNI so they can serve up the proper certificate when receiving mail messages
for multiple domains.
James should also support SNI so it can work properly with secure
configurations of all other SMTP servers, i.e. allow adding a separate
certificate per supported domain(s), and support SNI to select the correct one
per TLS connection. The existing global certificate can remain as fallback and
to avoid breaking existing configurations.
--
This message was sent by Atlassian Jira
(v8.20.10#820010)
---------------------------------------------------------------------
To unsubscribe, e-mail: server-dev-unsubscr...@james.apache.org
For additional commands, e-mail: server-dev-h...@james.apache.org
