Multiple Mail Domains with Domain-specific SSL Certificates for Postfix and Dovecot

Hello everyone,
we're running a central mailserver using ISPConfig 3, hosting multiple domains (e.g. domain1.tld, domain2.tld, domain3.tld).
Our goal is to allow users to connect via mail.domainX.tld, and have the mailserver present a valid SSL certificate for each respective domain (for both SMTP and IMAP/POP3).

Let's Encrypt certificates are already successfully issued per domain through ISPConfig. The challenge:
By default, Postfix and Dovecot can only use one SSL certificate for all connections. This leads to certificate warnings when a user connects via mail.domain2.tld, but only a certificate for mail.domain1.tld is configured on the server.

Question: Is there any official or recommended way to:

• Configure per-domain SSL certificates (e.g. Let's Encrypt) in Postfix and Dovecot, ideally using SNI?
• And preferably manage this automatically through ISPConfig?

If there’s no native support yet, we’d also be interested in a shell-script-based solution that plays nicely with ISPConfig’s setup.

Thanks u, many greets iceget

 

This would be manual configuration outside ISPC.

Dovecot:
https://doc.dovecot.org/2.3/configu...client-tls-sni-server-name-indication-support

Postfix:
https://medium.com/better-coder/postfix-multiple-domain-ssl-certificates-89c9f186ed73

See also this previous post about the same subject:
https://forum.howtoforge.com/threads/sni-support-for-mail-server.91094/