imaps with multiple hostnames

Craig Ringer craig at postnewspapers.com.au
Tue Nov 18 21:40:22 EST 2003


Hi folks

I'm running into a bit of an issue setting up Cyrus for TLS security, 
and was hoping someone could help me out.

The host must be accessible using two different hostnames - one for 
external IMAPs via our gateway, and one for internal IMAPs with the 
host's name on our internal network. This is causing problems with SSL 
certs, and I was hoping there was a way to create a single certificate 
with multiple allowed hostnames.

The only option I see otherwise is to host a modified version of our 
externally-visible DNS on our internal DNS server and provide a 
different value for 'mail.postnewspapers.com.au' (or whatever) that 
points to the internal host. I'm currently using a fake domain 
(.localnet) for internal DNS and using the real domain for externally 
visible public services only.

The gateway will just be forwarding IMAPs traffic to the internal mail 
server using firewall rules.

Ideally, I'd like to be able to set up a cert to allow both (say) 
'mail.localnet' and 'mail.postnewspapers.com.au' as hostnames. If this 
is possible, are there any issues with doing so such as some mail 
clients not recognising the two hostnames?

Any other suggestions?

Craig Ringer





More information about the Info-cyrus mailing list