Best practive for TLS/DNS Setup for exim
Hi,
I am just wondering how a efficient setup for TLS/DNS for exim looks like:
Right now I have an A entry in the DNS server for smtp.<domain> and a
letsencrypt certificate as well.
If I setup a new server and call it SMTP2, I need to reconfigure this in all my
email clients. If I install the SMTP certificates, testing is somewhat limited,
since the DNS entry still points to another server and I would need to fake
this.
Does anybody know if I can have a certificate for <hostname>.<domainname> and
use for smtp a CNAME?
The advantage I would see is that I can have a fully functional config and with
disabling the SMTP name on the old system and changing the CNAME in the DNS
system, I could be done.
Does anybody now if the standard email clients can handle the situation in
which them get as SMTP server a cname and as certificate the <hostname> the
SMTP cname points to?
Many thanks
Rainer
--
Rainer Dorsch
http://bokomoko.de/
Reply to: