In dovecot 1 I was able to do something like this:
protocol imap {
? ssl_cert = cert-imap.pem
? ssl_key ?= key-imap.pem
}
local ww.xx.yy.zz {
? protocol imap {
? ? ssl_cert = cert-imap-ww.xx.yy.zz.pem
? ? ssl_key ?= key-imap-ww.xx.yy.zz.pem
? }
}
The intent is ww.xx.yy.zz is an externally routable IP address which
has a Cert signed by a real CA, other addresses are internal which have
a variety of domain names, signed by a self-signed cert.
That worked in dovecot 1, but in dovecot 2 I get the error: "Conflict
in setting ssl_cert found from filter".
Weirdly, this works in dovecot 2:
? local 0.0.0.0/0 {
? ? ssl_cert = cert-imap.pem
? ? ssl_key ?= key-imap.pem
? }
? local ww.xx.yy.zz {
? ? ssl_cert = cert-imap-ww.xx.yy.zz.pem
? ? ssl_key ?= key-imap-ww.xx.yy.zz.pem
? }
But this doesn't:
? local 0.0.0.0/0 {
? ? protocol imap {
? ? ? ssl_cert = cert-imap.pem
? ?
? ssl_key ?= key-imap.pem
? ? }
? }
? local ww.xx.yy.zz {
? ? protocol imap {
? ? ? ssl_cert = cert-imap-ww.xx.yy.zz.pem
? ? ? ssl_key ?= key-imap-ww.xx.yy.zz.pem
? ? }
? }
It smells like a bug.
Anyway, does anybody know of a way to port my config to dovecot 2?