Hi all,
I am trying to setup dovecot to listen to imaps on the local network and
through haproxy from the internet.
service imap-login {
? inet_listener imaps {
??? port = 993
??? ssl = yes
? }
? inet_listener imaps_haproxy {
??? haproxy = yes
??? port = 10993
??? ssl = yes
? }
}
Obviously the dns-name on the internet connection (10993) is different
than on the lan (993).
In the docs
(https://doc.dovecot.org/configuration_manual/dovecot_ssl_configuration/)
I found multiple options, but unfortunately none of those have the
option to distinguish per listen port.
Is there a way to setup two different certificates for the two listeners?
- Kees
> On 27/04/2022 22:14 Kees van Vloten <keesvanvloten at gmail.com> wrote: > > > Hi all, > > I am trying to setup dovecot to listen to imaps on the local network and > through haproxy from the internet. > > service imap-login { > ? inet_listener imaps { > ??? port = 993 > ??? ssl = yes > ? } > ? inet_listener imaps_haproxy { > ??? haproxy = yes > ??? port = 10993 > ??? ssl = yes > ? } > } > > Obviously the dns-name on the internet connection (10993) is different > than on the lan (993). > > In the docs > (https://doc.dovecot.org/configuration_manual/dovecot_ssl_configuration/) > I found multiple options, but unfortunately none of those have the > option to distinguish per listen port. > > Is there a way to setup two different certificates for the two listeners? > > - KeesHi! Currently port is not supported. What we usually recommend here is that you use haproxy to distribute connections to different local IP addresses and use local 127.0.0.5/32 { ssl_cert=</path ssl_key=</path } Aki