[BlueOnyx:26151] Re: SNI
Robert Fitzpatrick
robert at webtent.org
Tue Apr 25 09:17:18 -05 2023
Michael Stauber wrote on 2/7/2023 10:15 PM:
> When you next create or modify the SSL settings for a Vsite (creating
> a new LE cert, import a cert or simply flip SSL off and back on again)
> it'll walk through all Vsites and will create the proper SNI
> configuration for all Vsites that have valid SSL certs.
Still have not been able to get our new 5211R VM to use the Vsite cert.
I have one Vsite setup on the server, I disabled and re-enabled SSL for
the site and still Dovecot is responding with the server cert. Is this
working for everyone and can you suggest what I need to do next to resolve?
The server name is tbwh.webtent.net. When I disable SSL for the
www.tampabaywebhosting.net Vsite, the file in the following location
gets removed...
/etc/dovecot/conf.sni.d/site1.conf
After re-enabling, the file is generated as follows:
# SNI config file for www.tampabaywebhosting.net
local_name tampabaywebhosting.net {
ssl_cert = </home/.sites/site1/wwwroot/certs/nginx_cert_ca_combined
ssl_key = </home/.sites/site1/wwwroot/certs/key
}
local_name www.tampabaywebhosting.net {
ssl_cert = </home/.sites/site1/wwwroot/certs/nginx_cert_ca_combined
ssl_key = </home/.sites/site1/wwwroot/certs/key
}
I even tried to manually restart Dovecot, but still get the
tbwh.webtent.net cert warning when trying to connect.
--
Robert
More information about the Blueonyx
mailing list