This website is deprecated, and remains online only for historic access to old issues and docs for historic versions of Virtualmin. It has been unmaintained for several years, and should not be relied on for up-to-date information. Please visit www.virtualmin.com instead.

Dovecot + local_name + SSL

1 post / 0 new

Topic locked

#1 Tue, 09/10/2019 - 13:08

b1cata

Dovecot + local_name + SSL

Hello,

My sysinfo:

CentOS Linux release 7.6.1810 (Core)
dovecot-2.2.36-3.el7.x86_64
webmin-1.930-1.noarch
virtualmin-release-1.0-5.gpl.rhel.noarch

I am using server name mail.mydomain.tld (which is a sub-server in Virtualmin) to configure mail clients, and for IMAPS and POP3S I have SSL certificate from Lets Encrypt (renewed automatically every 2 months). Even I have defined ssl_cert, ssl_key, ssl_ca in /etc/dovecot/conf.d/10-ssl.conf, Virtualmin insists to define "local_name" in /etc/dovecot/dovecot.conf

That wouldn't be a problem, but from time to time config file /etc/dovecot/dovecot.conf it's been modified automatically from that:

local_name mail.mydomain.tld {
ssl_cert = </home/mydomain/domains/mail.mydomain.tld/ssl.cert
ssl_key = </home/mydomain/domains/mail.mydomain.tld/ssl.key
  ssl_ca = </home/mydomain/domains/mail.mydomain.tld/ssl.ca
}

to that:

local_name mail.mydomain.tld {
ssl_cert = </home/mydomain/ssl.cert
ssl_key = </home/mydomain/ssl.key
  ssl_ca = </home/mydomain/domains/mail.mydomain.tld/ssl.ca
}

The result is that mail clients begin to complain that SSL certificate isn't ok.

Is there a way to force Virtualmin to NOT use local_name definitions for every domain/subdomain?

I can change attributes for dovecot config file, but I think that could be a more elegant way.

Thank you for your time.

Best regards, Catalin.