The Doctor
2018-Dec-15 17:35 UTC
Multiple SSL certs in a virtual Domain hosting environment
I am trying to get this correct.
---------------- configuration ------------
# 2.0.0: dovecot.conf
auth_cache_negative_ttl = 3600 s
base_dir = /var/run/dovecot/
disable_plaintext_auth = no
first_valid_uid = 100
info_log_path = /var/log/dovecot-info.log
log_path = /var/log/dovecot.log
listen = *
login_log_format_elements = user=<%u> method=%m rip=%r lip=%l %c
mail_debug=yes
mail_location = mbox:~/mail:INBOX=/var/mail/%u
mail_log_prefix = %Us(%u):
mdbox_rotate_size = 2048
passdb {
args = /etc/master.passwd
driver = passwd-file
}
protocols = imap pop3 lmtp
service auth {
executable = /usr/dovecot2/libexec/dovecot/auth
user = root
}
service imap-login {
chroot = login
client_limit = 256
inet_listener imap {
address = 204.209.81.1, 127.0.0.1
port = 143
}
inet_listener imaps {
address = 204.209.81.1, 127.0.0.1
port = 993
ssl = yes
}
executable = /usr/dovecot2/libexec/dovecot/imap-login
process_limit = 128
process_min_avail = 3
service_count = 1
user = dovecot
##vsz_limit = 1M
}
service imap {
executable = /usr/dovecot2/libexec/dovecot/imap
process_limit = 512
##vsz_limit = 256
}
ssl = yes
ssl_cert = <//etc/ssl/certs/wilcard.nk.ca.2018.chain.cert
ssl_cipher_list = ALL:!LOW:!SSLv2:!EXP:aNULL: !NULL : !RC2 : !RC4 : !SEED :
!IDEA : !SSLv3
ssl_key = </etc/ssl/certs/wilcard.nk.ca.2018.key
verbose_ssl = yes
ssl_dh=</usr/dovecot2/etc/dovecot/ssl/dh.pem
userdb {
driver = passwd
}
userdb {
args = /etc/passwd
driver = passwd-file
}
protocol imap {
imap_client_workarounds = delay-newmail tb-extra-mailbox-sep
imap_idle_notify_interval = 120 s
imap_logout_format = bytes=%i/%o
imap_max_line_length = 65536
mail_max_userip_connections = 10
mail_plugin_dir = /usr/dovecot2/lib/dovecot/imap
local_name imap.acebizventures.com {
ssl_cert = </etc/ssl/certs/wildcard.acebizventures.com.2019.chain.cert
ssl_cipher_list = ALL:!LOW:!SSLv2:!EXP:aNULL: !NULL : !RC2 : !RC4 : !SEED :
!IDEA : !SSLv3
ssl_key = </etc/ssl/certs/wildcard.acebizventures.com.2019.key
}
ssl_cert = </etc/ssl/certs/wilcard.nk.ca.2018.chain.cert
ssl_cipher_list = ALL:!LOW:!SSLv2:!EXP:aNULL
ssl_key = </etc/ssl/certs/wilcard.nk.ca.2018.key
ssl_dh=</usr/dovecot2/etc/dovecot/ssl/dh.pem
verbose_ssl = yes
}
plugin {
home=/usr/dovecot2
}
service pop3-login {
chroot = login
client_limit = 256
inet_listener pop3 {
address = 204.209.81.1
port = 110
}
inet_listener pop3s {
address = 204.209.81.1
port = 995
ssl = yes
}
executable = /usr/dovecot2/libexec/dovecot/pop3-login
process_limit = 128
process_min_avail = 4
service_count = 1
user = dovecot
}
service pop3 {
executable = /usr/dovecot2/libexec/dovecot/pop3
process_limit = 512
}
protocol pop3 {
pop3_no_flag_updates = yes
pop3_enable_last = yes
pop3_reuse_xuidl = yes
pop3_lock_session = no
pop3_uidl_format = %08Xu%08Xv
pop3_save_uidl = no
pop3_logout_format = top=%t/%p, retr=%r/%b, del=%d/%m, size=%s
mail_max_userip_connections = 3
mail_plugins = $mail_plugins
pop3_client_workarounds = outlook-no-nuls oe-ns-eoh ## oe6-fetch-no-newmail
local_name pop3.acebizventures.com {
ssl_cert = </etc/ssl/certs/wildcard.acebizventures.com.2019.chain.cert
ssl_cipher_list = ALL:!LOW:!SSLv2:!EXP:aNULL: !NULL : !RC2 : !RC4 : !SEED :
!IDEA : !SSLv3
ssl_key = </etc/ssl/certs/wildcard.acebizventures.com.2019.key
}
ssl_cert = </etc/ssl/certs/wilcard.nk.ca.2018.chain.cert
ssl_cipher_list = ALL:!LOW:!SSLv2:!EXP:aNULL
ssl_key = <//etc/ssl/certs/wilcard.nk.ca.2018.key
ssl_dh=</usr/dovecot2/etc/dovecot/ssl/dh.pem
verbose_ssl = yes
}
service lmtp {
process_min_avail = 5
inet_listener lmtp {
address = 204.209.81.1 127.0.0.1
port = 24
}
executable = lmtp -L
unix_listener lmtp {
}
}
protocol lmtp {
info_log_path = /var/log/dovecot-lmtp.log
# use %Ln to strip away the domain part
auth_username_format = %Lu
}
}
End configuration.
Is it possible to listen on a A.B.C.0/24 ?
Anything else to get virtual multiple SSLs to work?
Unique domains on each SSL.
--
Member - Liberal International This is doctor@@nl2k.ab.ca Ici doctor@@nl2k.ab.ca
Yahweh, Queen & country!Never Satan President Republic!Beware AntiChrist
rising!
https://www.empire.kred/ROOTNK?t=94a1f39b Look at Psalms 14 and 53 on Atheism
Merry Christmas 2018 and Happy New Year 2019!!
Possibly Parallel Threads
Wisdom of the Ancients
