TLS SNI with Let's Encrypt on Postfix/Dovecot?

Discussion in 'Installation/Configuration' started by PA1JIM, Apr 11, 2018.

  1. PA1JIM

    PA1JIM New Member

    I noticed DirectAdmin supports TLS SNI for imap/smtp with Let's Encrypt on their latest release. I've test it and it works really nice. But I'm more of a ISPconfig person then DirectAdmin. I'm curious: is it already possible to support TLS SNI for Postfix/Dovecot with Let's Encrypt on ISPconfig3? If not: are their any plans to implement this?
    The end result is you can host multiple domains on 1 IP-address and not only do https: for every domain, but also present a valid Let's Encrypt-certificate for mail-connections (pop/imap & smtp).

    Running Ubuntu 16.04 (Xenial) and ISPConfig Version: 3.1.8p1.

    Thanks!
     
  2. till

    till Super Moderator Staff Member ISPConfig Developer

    Not quite sure how they got postfix to support SNI, maybe they patched it or they use a different SMTP server. From Postfix TLS page http://www.postfix.org/TLS_README.html:

    and unless postfiux supports SNI, we can't support SNI in ISPConfig for Postfix.
     
  3. PA1JIM

    PA1JIM New Member

    I'm sorry, I should have mentioned DirectAdmin is using Exim. My bad.
    https://forum.directadmin.com/showthread.php?t=53967

    But it's logical if Postfix doesn't support it, it's hard to implement ISPconfig. :-(

    Luckily it's not a crucial feature but it would be neat if it worked.
     

Share This Page