1

Topic: Multiple domains and certificate on one server

==== REQUIRED BASIC INFO OF YOUR IREDMAIL SERVER ====
- iRedMail version (check /etc/iredmail-release): v0.9.9
- Deployed with iRedMail Easy or the downloadable installer? downloadable installer
- Linux/BSD distribution name and version:  Ubuntu 16.04.1 LTS
- Store mail accounts in which backend (LDAP/MySQL/PGSQL):  MySql
- Web server (Apache or Nginx): Apache
- Manage mail accounts with iRedAdmin-Pro? No
- [IMPORTANT] Related original log or error message is required if you're experiencing an issue.
====

Hello,
I have one VPS with multiple domain and SSL.

I would like that, when a user logs  to a domain  the certificate associated with that domain will be returned to him.

How can i make it ?
My VPS has actually 2 VPSs.

Thanks in advance

----

Spider Email Archiver: On-Premises, lightweight email archiving software developed by iRedMail team. Supports Amazon S3 compatible storage and custom branding.

2

Re: Multiple domains and certificate on one server

wilfriedtech wrote:

when a user logs  to a domain  the certificate associated with that domain will be returned to him.

What do you mean "returned"?

3

Re: Multiple domains and certificate on one server

By that, I mean the certificate that is sent to the MUA.

4

Re: Multiple domains and certificate on one server

wilfriedtech wrote:

By that, I mean the certificate that is sent to the MUA.

I might be wrong, but i don't think Dovecot/Postfix supports reading SSL certs per-virtual domain. It uses the cert that is bound to the $hostname of your box.

One way to overcome this is to have the MUA use $hostname as the hostname for POP/IMAP/SMTP. It will accept the cert(assuming it is a Let's Encrypt cert).

5

Re: Multiple domains and certificate on one server

GenZod wrote:

I might be wrong, but i don't think Dovecot/Postfix supports reading SSL certs per-virtual domain. It uses the cert that is bound to the $hostname of your box.

Dovecot and Nginx support this, but not Postfix - it loads only one ssl cert/key. Or, run  multiple postfix instances to load different certs/keys.

wilfriedtech wrote:

By that, I mean the certificate that is sent to the MUA.

I suggest requesting a letsencrypt cert to include all domains you need to serve the ssl services.

FYI: https://docs.iredmail.org/letsencrypt.html