SSL/TLS certificates with virtual domains
Nels Lindquist
nlindq at maei.ca
Thu Aug 23 19:25:19 EDT 2007
Goetz Babin-Ebell wrote:
> This question pops up occasionally in most list concerning SSL.
>
> You can only use one certificate for one IP address / port pair.
>
> If you have several IP addresses on your host,
> you can run several insances of cyrus to listen on
> the different IP addresses and every one of them having it's own
> certificate.
I do indeed have an IP address for each virtual host, so that should be
okay.
> If all of your servers share the same IP address it is not possible.
> If you have different IP addresses, use something like:
>
> cyrus.conf:
> SERVICES {
> imap cmd="imapd" listen="imap" prefork=1
> imaps cmd="imapd -s -C /etc/imapd1.conf" listen="192.168.0.1:imaps"
> prefork=0
> imaps cmd="imapd -s -C /etc/imapd2.conf" listen="192.168.0.2:imaps"
> prefork=0
How much configuration similarity does there have to be between the
different config files? Can I change anything except for the
tls_[*]_file directives?
Thanks very much for the information! I think this could work for us.
Nels Lindquist
More information about the Info-cyrus
mailing list