[BlueOnyx:26152] Re: SNI
Larry Smith
lesmith at ecsis.net
Tue Apr 25 09:29:38 -05 2023
Just curiousity more than anything but what does
your /etc/hosts file say the name is for each IP on the box?
--
Larry Smith
lesmith at ecsis.net
On Tue April 25 2023 09:17, Robert Fitzpatrick wrote:
> Michael Stauber wrote on 2/7/2023 10:15 PM:
> > When you next create or modify the SSL settings for a Vsite (creating
> > a new LE cert, import a cert or simply flip SSL off and back on again)
> > it'll walk through all Vsites and will create the proper SNI
> > configuration for all Vsites that have valid SSL certs.
>
> Still have not been able to get our new 5211R VM to use the Vsite cert.
> I have one Vsite setup on the server, I disabled and re-enabled SSL for
> the site and still Dovecot is responding with the server cert. Is this
> working for everyone and can you suggest what I need to do next to resolve?
>
> The server name is tbwh.webtent.net. When I disable SSL for the
> www.tampabaywebhosting.net Vsite, the file in the following location
> gets removed...
>
> /etc/dovecot/conf.sni.d/site1.conf
>
> After re-enabling, the file is generated as follows:
>
> # SNI config file for www.tampabaywebhosting.net
>
> local_name tampabaywebhosting.net {
> ssl_cert = </home/.sites/site1/wwwroot/certs/nginx_cert_ca_combined
> ssl_key = </home/.sites/site1/wwwroot/certs/key
> }
>
>
> local_name www.tampabaywebhosting.net {
> ssl_cert = </home/.sites/site1/wwwroot/certs/nginx_cert_ca_combined
> ssl_key = </home/.sites/site1/wwwroot/certs/key
> }
>
> I even tried to manually restart Dovecot, but still get the
> tbwh.webtent.net cert warning when trying to connect.
More information about the Blueonyx
mailing list