Skip to content

Postfix 3.4: TLS SNI Mapping

short description

Postfix 3.4 supports a new feature which enables TLS SNI Mapping to enable each domain to have it's own SSL certificate.

correct behaviour

It would be good if ISPConfig could support this by default.

environment

Server OS: Ubuntu Server OS version: 20.04 ISPConfig version: 3.2.2

proposed fix

  • Allow various options to enable the use of certificates in the domain and include that in the generation of the certificate through LetsEncrypt. This could either be 'mail.domain' or even just domain by default.
  • Maintain, or write, the ability to set the tls_server_sni_maps variable in Postfix (from SQL if possible)