1

Topic: Multiple SSL for Multiple Domains in the same Machine & IP

==== REQUIRED BASIC INFO OF YOUR IREDMAIL SERVER ====
- iRedMail version (check /etc/iredmail-release): 1.6.0 OPENLDAP edition.
- Deployed with iRedMail Easy or the downloadable installer? Installer
- Linux/BSD distribution name and version: Ubuntu22.04 LTS
- Store mail accounts in which backend (LDAP/MySQL/PGSQL): LDAP
- Web server (Apache or Nginx):Nginx
- Manage mail accounts with iRedAdmin-Pro? NO
- [IMPORTANT] Related original log or error message is required if you're experiencing an issue.
====
Hi there,
Im trying to setup iRedMail and its working perfectly for a single domain.
The thing im trying to do is to have some separated domains on the same server (same IP and same machine). I have been trying to search information about this but nothing has worked.
I tried adding a hash map for multiple domains on postfix, i tried setting configurations for multiple ssl but im stuck.
I have got a mx.domain1.com that gets the certificate perfectly when I send an email from it, but when i try to send an email from mx.domain2.com, it takes the certificate from the first one.

---/etc/hosts/---

127.0.0.1 mx.domain1.com mx.domain2.com mail localhost localhost.localdomain
xxx.xxx.xxx.xxx mx.domain1.com mx.domain2.com mail


----dovecot.conf----
local_name domain1.com {
  ssl_cert = </etc/ssl/certs/domain1.crt
  ssl_key = </etc/ssl/private/domain1.crt
}

local_name domain2.com {
  ssl_cert = </etc/ssl/certs/domain2.crt
  ssl_key = </etc/ssl/private/domain2.key
}

I dont know exactly how to make it works on postfix but i followed the method of generating a hashmap with this clause:

tls_server_sni_maps = hash:/etc/postfix/sni_maps

and compiling it to get sni_maps.db, anyway I still thinking that it takes the parameters on this file and ignores sni_maps.db

Am i missing anything?

I dont care about nginx because it is working perfectly for both domains.

I'm sorry but im new in smtp server deployment.

Thank you so much.

----

Spider Email Archiver: On-Premises, lightweight email archiving software developed by iRedMail team. Supports Amazon S3 compatible storage and custom branding.

2

Re: Multiple SSL for Multiple Domains in the same Machine & IP

Hi,

This does work.
I have set it up with with 4 different domains on the some server and have no issues.
You need to setup a config file in nginx as well for each of the domain.

1/ in /etc/nginx/sites-available - create a config file for each of the domains. eg:

mail.domain1.com.au.conf
mail.domain2.com.au.conf
mail.domain3.com.conf
mail.domain4.net.conf
2/ the config files look like this:
#
# Note: This file must be loaded before other virtual host config files,
#
# HTTP
server {
    # Listen on ipv4
    listen 80;
    listen [::]:80;

    server_name mail.domain1.com;

    # Redirect all insecure http:// requests to https://
    return 301 https://$host$request_uri;
}
#
# Note: This file must be loaded before other virtual host config files,
#
# HTTPS
server {
    listen 443 ssl;
    listen [::]:443 ssl;
    server_name mail.domain1.com;

    root /var/www/html;
    index index.php index.html;

    location = /SOGo.woa/WebServerResources/img/sogo-full.svg {
       alias /var/www/html/img/ins.net/logo.svg;
    }

    location = /SOGo.woa/WebServerResources/img/sogo.ico {
       alias /var/www/html/img/ins.net/favicon.ico;
    }

    location =  /skins/elastic/images/logo.svg{
       alias /var/www/html/img/ins.net/logo.svg;
    }

    location =  /skins/larry/images/roundcube_logo.png{
       alias /var/www/html/img/ins.net/logo.svg;
    }

    include /etc/nginx/templates/misc.tmpl;
    include /etc/nginx/templates/ssl.tmpl;
    include /etc/nginx/templates/iredadmin.tmpl;
    include /etc/nginx/templates/roundcube.tmpl;
    include /etc/nginx/templates/sogo.tmpl;
    include /etc/nginx/templates/netdata.tmpl;
    include /etc/nginx/templates/php-catchall.tmpl;
    include /etc/nginx/templates/stub_status.tmpl;

    ssl_certificate /etc/letsencrypt/live/mail.domain1.com/fullchain.pem;
    ssl_certificate_key /etc/letsencrypt/live/mail.domain1.com/privkey.pem;
}

each of the domains has its own ssl certs, and I am using letsencrypt, and with this I have also been able to change the SOGO logo and icon for each of the domains to be domain specific.

Hopes this helps.

3

Re: Multiple SSL for Multiple Domains in the same Machine & IP

Maybe it can be useful?
https://www.linuxbabe.com/mail-server/s … ains-nginx

4

Re: Multiple SSL for Multiple Domains in the same Machine & IP

How about using only one cert for multiple domain names?
FYI: https://docs.iredmail.org/letsencrypt.html

5

Re: Multiple SSL for Multiple Domains in the same Machine & IP

I tried doing the "one cert thing" but it didnt work. The gppaiko solution was the great one. Ty for all.

6

Re: Multiple SSL for Multiple Domains in the same Machine & IP

I'm not sure I'm fully comprehending the problem, so excuse me if I'm answering the wrong question.

I have multiple domains within iRedMail.

In LetsEncrypt I set up one certificate -

certbot certonly --webroot -w /var/www/html -d mail.domainA.com -d www.domainA.com -d mail.domainB.com -d www.domainB.com
etc ...

everything works fine.