Re: [exim] Multiple SSL certificates

トップ ページ
このメッセージを削除
このメッセージに返信
著者: SerNet Support Lutz Preßler
日付:  
To: Michiel (Eduwijs B.V)
CC: exim-users
題目: Re: [exim] Multiple SSL certificates
> Because our server is used by multiple domains, the server can be
> connected to by:
> smtp.domain1.com
> smtp.domain2.com
> smtp.domain3.com
>
> Now I can only setup 1 SSL certificate, but that won't work for the
> other domains. Also if I set the CN to the IP address from the server,
> the clients will still get a 'Domain Mismatch' error. I want to avoid
> that error.

Do I understand correctly, that you want to use multiple names for
one IP address? Then it is not possible to use different certificates,
because exim cannot know which name the client used for connecting
before switching to TLS/SSL.
>
> So is there a possibility, to setup a SSL certificate per domain? So for
> every domain I have another SSL certificate. Or does Exim not support that?

With multiple IP addresses it is possible as the global
tls_certificate option is expanded. Use something like
tls_certificate = /etc/exim/$received_ip_address.cert
($interface_address in older Exim versions). You can also set and use
smtp_active_hostname.


Lutz

-- 
Lutz Preßler  <Lutz.Pressler@???>    http://www.SerNet.DE/
SerNet Service Network GmbH, Bahnhofsallee 1b, D-37081 Göttingen
Tel.: +49-551-370000-2,      FAX: +49-551-370000-9
AG Göttingen, HRB 2816,      GF: Dr. Johannes Loxen