TLS SNI with Let's Encrypt on Postfix/Dovecot?

Discussion in 'Installation/Configuration' started by PA1JIM, Apr 11, 2018.

  1. PA1JIM

    PA1JIM New Member

    I noticed DirectAdmin supports TLS SNI for imap/smtp with Let's Encrypt on their latest release. I've test it and it works really nice. But I'm more of a ISPconfig person then DirectAdmin. I'm curious: is it already possible to support TLS SNI for Postfix/Dovecot with Let's Encrypt on ISPconfig3? If not: are their any plans to implement this?
    The end result is you can host multiple domains on 1 IP-address and not only do https: for every domain, but also present a valid Let's Encrypt-certificate for mail-connections (pop/imap & smtp).

    Running Ubuntu 16.04 (Xenial) and ISPConfig Version: 3.1.8p1.

    Thanks!
     
  2. till

    till Super Moderator Staff Member ISPConfig Developer

    Not quite sure how they got postfix to support SNI, maybe they patched it or they use a different SMTP server. From Postfix TLS page http://www.postfix.org/TLS_README.html:

    and unless postfiux supports SNI, we can't support SNI in ISPConfig for Postfix.
     
  3. PA1JIM

    PA1JIM New Member

    I'm sorry, I should have mentioned DirectAdmin is using Exim. My bad.
    https://forum.directadmin.com/showthread.php?t=53967

    But it's logical if Postfix doesn't support it, it's hard to implement ISPconfig. :-(

    Luckily it's not a crucial feature but it would be neat if it worked.
     
  4. SimeonF

    SimeonF New Member

    In Version 3.4 postfix added SNI support, so adding SNI to deovecot and postfix would be possible by now ...
     
    iqpascal likes this.

Share This Page