> On 27/04/2022 22:14 Kees van Vloten <keesvanvloten at gmail.com>
wrote:
>
>
> Hi all,
>
> I am trying to setup dovecot to listen to imaps on the local network and
> through haproxy from the internet.
>
> service imap-login {
> ? inet_listener imaps {
> ??? port = 993
> ??? ssl = yes
> ? }
> ? inet_listener imaps_haproxy {
> ??? haproxy = yes
> ??? port = 10993
> ??? ssl = yes
> ? }
> }
>
> Obviously the dns-name on the internet connection (10993) is different
> than on the lan (993).
>
> In the docs
> (doc.dovecot.org/configuration_manual/dovecot_ssl_configuration)
> I found multiple options, but unfortunately none of those have the
> option to distinguish per listen port.
>
> Is there a way to setup two different certificates for the two listeners?
>
> - Kees
Hi!
Currently port is not supported. What we usually recommend here is that you use
haproxy to distribute connections to different local IP addresses and use
local 127.0.0.5/32 {
ssl_cert=</path
ssl_key=</path
}
Aki