[BlueOnyx:26193] Re: SNI
Robert Fitzpatrick
robert at webtent.org
Fri May 5 14:58:25 -05 2023
Robert Fitzpatrick wrote on 4/25/2023 10:17 AM:
> Michael Stauber wrote on 2/7/2023 10:15 PM:
>> When you next create or modify the SSL settings for a Vsite (creating
>> a new LE cert, import a cert or simply flip SSL off and back on
>> again) it'll walk through all Vsites and will create the proper SNI
>> configuration for all Vsites that have valid SSL certs.
>
> Still have not been able to get our new 5211R VM to use the Vsite
> cert. I have one Vsite setup on the server, I disabled and re-enabled
> SSL for the site and still Dovecot is responding with the server cert.
> Is this
> working for everyone and can you suggest what I need to do next to resolve?
>
>
> The server name is tbwh.webtent.net. When I disable SSL for the
> www.tampabaywebhosting.net Vsite, the file in the following location
> gets removed...
>
> /etc/dovecot/conf.sni.d/site1.conf
>
> After re-enabling, the file is generated as follows:
>
> # SNI config file for www.tampabaywebhosting.net
>
> local_name tampabaywebhosting.net {
> ssl_cert = </home/.sites/site1/wwwroot/certs/nginx_cert_ca_combined
> ssl_key = </home/.sites/site1/wwwroot/certs/key
> }
>
>
> local_name www.tampabaywebhosting.net {
> ssl_cert = </home/.sites/site1/wwwroot/certs/nginx_cert_ca_combined
> ssl_key = </home/.sites/site1/wwwroot/certs/key
> }
>
> I even tried to manually restart Dovecot, but still get the
> tbwh.webtent.net cert warning when trying to connect.
>
Bump. Still struggling to get SNI working on this newly setup 5211R. I
have even tried completely removing the vsite and setting up again from
scratch with SSL. What on earth am I doing wrong?
--
Robert
More information about the Blueonyx
mailing list