Im trying to setup dovecot/postfix to provide right certificates. I know Postfix does not support SNI, so i configured SNI in dovecot only. So in mail client configuration i use domain.tld as imap mail server and serverdomain.tld as smtp mail server. Two different addresses. (Im using letsencrypt certificates) This works on Outlook desktop. No notification of untrusted certificates. But, in outlook mobile and gmail is not working and advices me that app cant confirm server is trusted. I suppose these apps use first certificate for both servers, so first it gets certificate for imap server that corresponds with domain.tld and after that it tries smtp server with this first certificate so there is a address mismatch. I would like to know how you had deal with this? Thanks
I'm little confused as you're talking about 2 domain names. The only way I could get lets encrypt SSL certificate to work with dovecot and postfix is by adding mail.example.com as an alias to main top-level server. Virtualmin then regenerates SSL certificate to include mail.example.com.
Then copy SSL certificate to dovecot and postfix. I guess you can also and mail.example.com as a separate server and copy SSL certificate to dovecot and postfix. But I like the alias method.
Source: Configure Domain Specific Emails with Virtualmin
I provide FREE Server Management Services in exchange of money
Whats the reason for adding mail.example.com? you can set example.com as imap and smtp server address...
example.com doesn't qualify as a valid hostname.
I provide FREE Server Management Services in exchange of money