From: Ken Murchison (no email)
Date: Mon Mar 03 2003 - 10:02:10 EST
wrote:
>
> Is it possible to tell cyrusd to use different certs for different
> IP's.
>
> I'd like to seperate pop- and imapaccess to different IP's but not to
> maintain to different cyrus-configs and run two master-daemons.
>
> The only problem are the ssl-certs.
>
> in cyrus.conf
>
> imap_ext cmd="imapd" listen="xxx.xxx.xxx.001:imap" prefork=0
> imaps_ext cmd="imapd -s" listen="xxx.xxx.xxx.001:imaps" prefork=0
>
> imap_int cmd="imapd" listen="192.168.0.1:imap" prefork=6
> imaps_int cmd="imapd -s" listen="192.168.0.1:imaps" prefork=0
>
> imap_lo cmd="imapd" listen="127.0.0.1:imap" prefork=0
> imaps_lo cmd="imapd -s" listen="127.0.0.1:imaps" prefork=0
>
> pop3_ext cmd="pop3d" listen="xxx.xxx.xxx.002:pop3" prefork=2
> pop3s_ext cmd="pop3d -s" listen="xxx.xxx.xxx.002:pop3s" prefork=1
>
> but:
>
> in imapd.conf I can only set
>
> tls_cert_file: /data/pki/pop.XXXX.org.pem
> tls_key_file: /data/pki/pop.XXXX.org.pem
What version of Cyrus? With 2.1 (and possibly 2.0, I don't remember),
you can have per-protocol certs/keys. See imapd.conf(5).
-- Kenneth Murchison Oceana Matrix Ltd. Software Engineer 21 Princeton Place 716-662-8973 x26 Orchard Park, NY 14127 --PGP Public Key-- http://www.oceana.com/~ken/ksm.pgp
|
|
|