letsencrypt per virtual server ssl certs on single ip4 multiple ip6 VM best practice?

Hi,

I have a virtualmin installation on a VM host who provides 1 ip4 address and as many ip6 addresses as I care to configure.

I have around 6 domains configured with a virtualmin server per domain.
Each domain has to share an ip4 address and also has a unique ip6 address.

I have Lets Encrypt SSL cert configured per Website for domains www.domain… and domain…

Currently the mail clients all use the same domain to send (since I believe postfix doesn't support multiple certs on a single ip4, I think??).
The mail clients use a mail.theirowndomain… for receiving mail via pop or imap (so via dovecot etc).

Just using the Virtualmin UI, how can I make each dovecot user be served the cert for their mail.owndomain? (Possibly the same as their web domain one.)

My understanding is that if I use the Copy to Dovecot option within a specific virtual server's settings it just overwrites the global one used by dovecot (is that right?)

I think it would be preferable to use a cert per domain for all services for that domain, but I don't think that's possible, so what are my options (if any)?

Do I have to bite the bullet and make all clients use one mail server in the same domain ?

Thanks

Do I have to bite the bullet and make all clients use one mail server in the same domain ?
In short - yes. You can have only one SSL per mail server, so each time you use "Copy to Dovecot" it will overwrite the old SSL. Best practice in cases like yours is to use a "neutral" domain as the base for Virtualmin, Email, nameservers... and then use a separate SSL for each domain for https.
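An added example, not part of the original posts: a small Python check for the situation described above, listing which hostnames configured in mail clients are not covered by the single certificate the mail server presents. The hostnames (`mail.neutral.example`, `mail.domain-a.example`, `mail.domain-b.example`) and the sample certificate are constructed placeholders; `fetch_cert` assumes IMAPS on port 993 and needs network access.

```python
import socket
import ssl

def san_dns_names(cert):
    """DNS names from a dict as returned by SSLSocket.getpeercert()."""
    return [v.lower() for k, v in cert.get("subjectAltName", ()) if k == "DNS"]

def name_matches(pattern, host):
    """RFC 6125 style match: '*' is accepted only as the whole left-most label."""
    p = pattern.lower().rstrip(".").split(".")
    h = host.lower().rstrip(".").split(".")
    if len(p) != len(h):
        return False
    if p[0] == "*":
        return len(p) > 2 and p[1:] == h[1:]
    return p == h

def mismatched_hosts(cert, client_hosts):
    """Client-configured hostnames that the served certificate does not cover."""
    names = san_dns_names(cert)
    return [h for h in client_hosts if not any(name_matches(n, h) for n in names)]

def fetch_cert(host, port=993, timeout=5):
    """Fetch the certificate the server presents for this SNI name (needs network)."""
    ctx = ssl.create_default_context()
    ctx.check_hostname = False  # chain is still verified; names are compared above
    with socket.create_connection((host, port), timeout=timeout) as sock:
        with ctx.wrap_socket(sock, server_hostname=host) as tls:
            return tls.getpeercert()

# Constructed sample: one certificate, issued for the "neutral" mail name only.
SAMPLE_CERT = {"subjectAltName": (("DNS", "mail.neutral.example"),)}
# Constructed sample: hostnames that users have typed into their mail clients.
CLIENT_HOSTS = ["mail.neutral.example", "mail.domain-a.example", "mail.domain-b.example"]

if __name__ == "__main__":
    for host in mismatched_hosts(SAMPLE_CERT, CLIENT_HOSTS):
        print(f"{host}: not covered by the served certificate, client will warn")
```

To audit a live server, pass the result of `fetch_cert("mail.neutral.example")` in place of `SAMPLE_CERT`.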

Ok, thank you very much :)