SNI for per-domain Dovecot SSL certificates (BETA)

Version 1.51

Feature
Finished

DEPRECATED!!! Use mail_sni instead of dovecot_sni: https://www.directadmin.com/features.php?id=2019 ================================== Feature related to this guide: https://help.directadmin.com/item.php?id=573 Allowing DA to create/manage per-domain SNI files for dovecot in: /etc/dovecot/conf/sni/9DOMAIN.conf via: /etc/dovecot/conf.d/95-sni.conf Because dovecot requires the CA cert to be in the .cert file (that's how we'll do it anyway), if you have: user/domains/domain.com.cert user/domains/domain.com.cacert DA will auto generate: user/domains/domain.com.cert.combined for use in the dovecot config. (Nginx also uses this .combined file) ========================= TO ENABLE The internal default is: dovecot_sni=0 so set: dovecot_sni=1 in your directadmin.conf, and restart DA. Go to the: User Level -> SSL Certificates and if you currently have a pasted cert/key, simply hit "save" to regenerate the dovecot config for that domain. Then setup the configs: cd /usr/local/directadmin/custombuild ./build update ./build dovecot_conf ========================= TEMPLATE /usr/local/directadmin/data/templates/dovecot_sni.conf where it will use this template several times for each domain, to add SNI for: domain.com, mail.domain.com, pop.domain.com and imap.domain.com ========================= TASK QUEUE If you want to tell all live SSL domains to have their dovecot configs written, type; echo "action=rewrite&value=dovecot_sni" >> /usr/local/directadmin/data/task.queue this will create the sni/domain.com.conf for each SSL domain, plus one for the system hostname. *** IMPORTANT *** If you run: ./build dovecot_conf If you need to add a custom file, create it /usr/local/directadmin/custombuild/custom/dovecot/cond/sni/YOURCUSTOMDOMAIN.COM.conf which will be set with the ./build dovecot_conf. If you make SSL certificate changes in DA, DA may resave that file, so you'd need to: ./build rewrite_confs again to reset any overrides. If you custom file was extra, and not matching any existing file, then it should be fine in the custom/dovecot/conf.d/95.. method. ========================= Related thread for doing the same thing in a different way: http://forum.directadmin.com/showthread.php?t=53967

Interested to try DirectAdmin? Get a 30-day Free Trial!