On Tuesday 08 of December 2015, Gerhard Wiesinger wrote:> On 07.12.2015 20:13, Timo Sirainen wrote: > > http://dovecot.org/releases/2.2/dovecot-2.2.20.tar.gz > > http://dovecot.org/releases/2.2/dovecot-2.2.20.tar.gz.sig > > > > This could be (one of) the last v2.2.x release. We're starting v2.3 > > development soon. > > Great! > > What's on the featurelist of v2.3?Support for thousands of ssl certificates without having to load/specify these in config would be nice. Something like load_cert_pattern = /etc/dovecot/ssl/$domain (aka if file exists - use it) cert_fallback = /etc/dovecot/ssl/primary.cert etc That would make it possible to use https://letsencrypt.org functionality for all hosted domains at once. -- Arkadiusz Mi?kiewicz, arekm / ( maven.pl | pld-linux.org )
On 2015-12-08 19:32:50 +0100, Arkadiusz Mi?kiewicz wrote:> On Tuesday 08 of December 2015, Gerhard Wiesinger wrote: > > On 07.12.2015 20:13, Timo Sirainen wrote: > > > http://dovecot.org/releases/2.2/dovecot-2.2.20.tar.gz > > > http://dovecot.org/releases/2.2/dovecot-2.2.20.tar.gz.sig > > > > > > This could be (one of) the last v2.2.x release. We're starting v2.3 > > > development soon. > > > > Great! > > > > What's on the featurelist of v2.3? > > Support for thousands of ssl certificates without having to load/specify these > in config would be nice. > > Something like > load_cert_pattern = /etc/dovecot/ssl/$domain (aka if file exists - use it) > cert_fallback = /etc/dovecot/ssl/primary.cert > etc > > That would make it possible to use https://letsencrypt.org functionality for > all hosted domains at once.what you want is called SNI. not sure how many mail clients support that properly. darix -- openSUSE - SUSE Linux is my linux openSUSE is good for you www.opensuse.org
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On Tue, 8 Dec 2015, Arkadiusz Mi?kiewicz wrote:>> What's on the featurelist of v2.3? > > Support for thousands of ssl certificates without having to load/specify these > in config would be nice. > > Something like > load_cert_pattern = /etc/dovecot/ssl/$domain (aka if file exists - use it) > cert_fallback = /etc/dovecot/ssl/primary.certwhere does $domain come from?> That would make it possible to use https://letsencrypt.org functionality for > all hosted domains at once.- -- Steffen Kaiser -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iQEVAwUBVmfJHHz1H7kL/d9rAQKdUggAqO+qDoKj7M6agjwNWcLoQLVizc3NDEpf 3KwdKbQTvcBvTH8eFoNZwQQHbtpJVfiiyEF/yfKrSpsi2bNFbZocGVQfVcuURQc+ ci3383dUJ0mqZoKeg/pzDFQwru2iYCEJ5F9h3BLcwlq45zyE7jqQt1Mca8W3QGBQ dVggFEVQMaAQAyKDULeBtr5Unp1pJllz9i9nqr+Vxha5ovjOUPz44+Orh3pOz4uJ +kEMp0fDTC5lKFgT4Gp3eM3U+jbZip4ewUVWwolTfnlL5hl7T8cjxz+lS2sR7san 3BVsm0hgPQrPrSmVN72Cb81stpDWz9Dg3BDJwEG3Jey2sAXs6rdb/A==cIRK -----END PGP SIGNATURE-----
On Wednesday 09 of December 2015, Steffen Kaiser wrote:> On Tue, 8 Dec 2015, Arkadiusz Mi?kiewicz wrote: > >> What's on the featurelist of v2.3? > > > > Support for thousands of ssl certificates without having to load/specify > > these in config would be nice. > > > > Something like > > load_cert_pattern = /etc/dovecot/ssl/$domain (aka if file exists - use > > it) cert_fallback = /etc/dovecot/ssl/primary.cert > > where does $domain come from?From connecting client, from SNI (https://en.wikipedia.org/wiki/Server_Name_Indication)> > > That would make it possible to use https://letsencrypt.org functionality > > for all hosted domains at once.-- Arkadiusz Mi?kiewicz, arekm / ( maven.pl | pld-linux.org )