Vincent Jaussaud
2004-Nov-09 13:51 UTC
[Dovecot] dovecot with different POP3S / IMAPS Certs
Hi,
I'm new to dovecot, but actually planning to switch a wide WU-IMAP/POP
installation to dovecot.
With WU-IMAP, a different certificate can be used by pop3s and imaps,
allowing both server to be reachable through different hostnames,without
SSL complaints on the client side; this is mostly used for scalability.
I'm trying to do the same thing with dovecot; that is having dovecot
using a different certificate for it's pop3s instance and imaps
instance.
Unfortunately, in dovecot configuration file, only one certificate can
be set; used by both pop3s / imaps.
Any idea of the best way to handle this ?
Thanks !
Vincent.
--
Vincent Jaussaud
Kelkoo.com Security Manager
email: tatooin at kelkoo.com
GPG key: 1024D/3BFE3FC7 2002-02-07
"Those who desire to give up freedom in order to gain security will not
have, nor do they deserve, either one."
-- President Thomas Jefferson. 1743-1826
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 189 bytes
Desc: This is a digitally signed message part
URL:
<http://dovecot.org/pipermail/dovecot/attachments/20041109/7fbd444f/attachment-0001.bin>
On 9.11.2004, at 15:51, Vincent Jaussaud wrote:> With WU-IMAP, a different certificate can be used by pop3s and imaps, > allowing both server to be reachable through different > hostnames,without > SSL complaints on the client side; this is mostly used for scalability. > > I'm trying to do the same thing with dovecot; that is having dovecot > using a different certificate for it's pop3s instance and imaps > instance. > > Unfortunately, in dovecot configuration file, only one certificate can > be set; used by both pop3s / imaps.With 0.99.x it's not possible, so you'd have to run two Dovecot instances. With 1.0-tests I think this should work: protocol pop3 { ssl_cert_file = ... } protocol imap?{ ssl_cert_file = ... } -------------- next part -------------- A non-text attachment was scrubbed... Name: PGP.sig Type: application/pgp-signature Size: 186 bytes Desc: This is a digitally signed message part URL: <http://dovecot.org/pipermail/dovecot/attachments/20041112/7c306d26/attachment-0001.bin>