> Am Mo, den 12.07.2004 schrieb James Kosin um 20:54: > >> Background: >> I'm trying to setup a secure SMTP connection. I have everything setup; >> but, I have a stumbling block as I see it. My machine has multiple host >> names. > > You don't say which MTA you are using. That is important information. > > You host can't have multiple host names. You mean you have maybe > multiple IPs, but certainly multiple domains resolving to your box > IP(s). > >> Questions: >> >> 1) Can you build more than one certificate to be used? I'm not sure >> how... > > Don't think so. With Sendmail this is not possible, with Postfix IMHO > neither. > >> 2) How do you add certificates to an existing PEM file? > > Only one certificate per pem file possible. > >> 3) Do I need to setup anything different? > > Use 1 single hostname for the SMTP server, like mail.domainfoo.tld. Let > all domains use this mail server name. > Last day I found this: =================== RFC 2830 also specifies a means for additional names to be set in a certificate. This is done using the subjectAltName field which is an X.509v3 extension of the basic certificate. This field can be used to list aliases for a server, shared names in a load-balancing setup, or any other desired purpose. A wildcard can also be used, to allow a single certificate to match all hostnames within a given domain. In the openssl.cnf file, the syntax for this extension is subjectAltName=DNS:alias1.domain1,DNS:host2.domain2,DNS:*.domain3 Any number of names may be specified in the comma-separated list. =================== Maybe can help. Fernando.
