1 Topic by CavaliereFantasma

  • CavaliereFantasma
  • Member
  • Offline
  • Registered: 2020-04-14
  • Posts: 9

Topic: What do you suggest for multiple postfix certs?

==== REQUIRED BASIC INFO OF YOUR IREDMAIL SERVER ====
- iRedMail version (check /etc/iredmail-release): 1.3.2 MARIADB edition
- Deployed with iRedMail Easy or the downloadable installer? installer
- Linux/BSD distribution name and version: Debian GNU/Linux 10 (buster)
- Store mail accounts in which backend (LDAP/MySQL/PGSQL): MySQL
- Web server (Apache or Nginx): Nginx
- Manage mail accounts with iRedAdmin-Pro? Yes
- [IMPORTANT] Related original log or error message is required if you're experiencing an issue.
====

Hi,

I'm running a iredmail with multiple domains in a single letsencrypt ssl certificate. As soon as letsencrypt accepts only 100 domain name in a single certificate, what do you suggest to do? if the best solution was to launch several instances of postfix, what would be the best way to do it? and what would be the risk?. Thanks a lot for your effort.

----

Spider Email Archiver: On-Premises, lightweight email archiving software developed by iRedMail team. Supports Amazon S3 compatible storage and custom branding.

2 Reply by iredmailtnt

  • iredmailtnt
  • Member
  • Offline
  • Registered: 2016-02-10
  • Posts: 52

Re: What do you suggest for multiple postfix certs?

CavaliereFantasma wrote:

==== REQUIRED BASIC INFO OF YOUR IREDMAIL SERVER ====
- iRedMail version (check /etc/iredmail-release): 1.3.2 MARIADB edition
- Deployed with iRedMail Easy or the downloadable installer? installer
- Linux/BSD distribution name and version: Debian GNU/Linux 10 (buster)
- Store mail accounts in which backend (LDAP/MySQL/PGSQL): MySQL
- Web server (Apache or Nginx): Nginx
- Manage mail accounts with iRedAdmin-Pro? Yes
- [IMPORTANT] Related original log or error message is required if you're experiencing an issue.
====

Hi,

I'm running a iredmail with multiple domains in a single letsencrypt ssl certificate. As soon as letsencrypt accepts only 100 domain name in a single certificate, what do you suggest to do? if the best solution was to launch several instances of postfix, what would be the best way to do it? and what would be the risk?. Thanks a lot for your effort.

I could be wrong but I think you are making this too hard.
Assuming you are hosting email for multiple customers why not put a single cert on the mail server and tell everyone to use that hostname for the incoming and outgoing mail servers. Something like mail.mycompany.com will work (that is how I do it). The other possible choice might be to use wildcard certs.

A quick google shows this: https://serverfault.com/questions/92892 … -on-one-ip but that seems like a lot of trouble for no real gain. Keep in mind that does not solve the problem in dovecot or nginx.

Regards,

Tom