Yes, that what I mean. They resolve to 1 IP address. Something like
Apache with virtual domains. It can see the hostname the user used to
connect to the server, although I think that's part of the HTTP protocol
though. Does Exim not have a variable, with the hostname the user used
to connect with the server?
Thanks for your help.
Greetings,
Michiel Eghuizen
SerNet Support Lutz Preßler wrote: >> Because our server is used by multiple domains, the server can be
>> connected to by:
>> smtp.domain1.com
>> smtp.domain2.com
>> smtp.domain3.com
>>
>> Now I can only setup 1 SSL certificate, but that won't work for the
>> other domains. Also if I set the CN to the IP address from the server,
>> the clients will still get a 'Domain Mismatch' error. I want to avoid
>> that error.
>>
> Do I understand correctly, that you want to use multiple names for
> one IP address? Then it is not possible to use different certificates,
> because exim cannot know which name the client used for connecting
> before switching to TLS/SSL.
>
>> So is there a possibility, to setup a SSL certificate per domain? So for
>> every domain I have another SSL certificate. Or does Exim not support that?
>>
> With multiple IP addresses it is possible as the global
> tls_certificate option is expanded. Use something like
> tls_certificate = /etc/exim/$received_ip_address.cert
> ($interface_address in older Exim versions). You can also set and use
> smtp_active_hostname.
>
>
> Lutz
>
>
