{"id":1537,"date":"2025-08-11T12:40:02","date_gmt":"2025-08-11T07:10:02","guid":{"rendered":"https:\/\/lookouthost.com\/blog\/?p=1537"},"modified":"2026-01-23T19:29:48","modified_gmt":"2026-01-23T13:59:48","slug":"sni-for-per-domain-dovecot-ssl-certificates-beta-new","status":"publish","type":"post","link":"https:\/\/lookouthost.com\/blog\/sni-for-per-domain-dovecot-ssl-certificates-beta-new\/","title":{"rendered":"SNI for per-domain Dovecot SSL certificates (BETA)\u00a0new"},"content":{"rendered":"<p>DEPRECATED!!! Use mail_sni instead of dovecot_sni:<\/p><p><a href=\"https:\/\/docs.directadmin.com\/changelog\/version-1.52.0.html#mail-sni-for-dovecot-and-exim-sni-certificates\" class=\"\">mail_sni for dovecot and exim sni certificates<\/a><\/p><h2 class=\"wp-block-heading\" id=\"to-enable\">TO ENABLE SNI for per-domain in DirectAdmin Server<\/h2><pre class=\"wp-block-code\"><code>\nThe dovecot_sni and exim_sni options will be deprecated from the directadmin.conf, and replaced with a single option:\n\nmail_sni=0\n\nwhich is the internal default.\n\nTo enable it in your directadmin.conf  nano \/usr\/local\/directadmin\/conf\/directadmin.conf set:\n\nmail_sni=1\n\nsecure_access_group=access should be enabled in the directadmin.conf, so that the certificates are chmod to 640 with group \"access\", so \"mail\" (within the access group) can read them.\n<\/code><\/pre><p>Go to the:<\/p><p>User Level -&gt; SSL Certificates<\/p><p>and if you currently have a pasted cert\/key, simply hit &#8220;save&#8221; to regenerate the dovecot config for that domain.<\/p><p>Then setup the configs:<\/p><pre class=\"wp-block-code\"><code>cd \/usr\/local\/directadmin\/custombuild\n.\/build update\n.\/build dovecot_conf\n\nTASK QUEUE\nTo generate snidomains file:\n\necho \"action=rewrite&amp;value=snidomains\" >> \/usr\/local\/directadmin\/data\/task.queue\nIf you want to tell all live SSL domains to have their dovecot configs written, type;\n\necho \"action=rewrite&amp;value=mail_sni\" >> \/usr\/local\/directadmin\/data\/task.queue\n\necho \"action=rewrite&amp;value=mail_sni&amp;domain=domain.com\" >> \/usr\/local\/directadmin\/data\/task.queue\n\nthis will recreate the sni\/domain.com.conf for each SSL domain, plus one for the system hostname.\n\nIt will use the \/etc\/virtual\/domainowners, to go through each domain, each cert, and remove any existing *:user:domain.com entries from snidomains, and re-add whatever is present<\/code><\/pre><p>After this verify your domain mail server ssl using <\/p><p><a href=\"https:\/\/www.sslshopper.com\/ssl-checker.html#hostname=mail.hostmayo.com\">https:\/\/www.sslshopper.com\/ssl-checker.html#hostname=mail.hostmayo.com<\/a><\/p>","protected":false},"excerpt":{"rendered":"<p>DEPRECATED!!! Use mail_sni instead of dovecot_sni: mail_sni for dovecot and exim sni certificates TO ENABLE SNI for per-domain in DirectAdmin Server Go to the: User Level -&gt; SSL Certificates and if you currently have a pasted cert\/key, simply hit &#8220;save&#8221; to regenerate the dovecot config for that domain. Then setup the configs: After this verify your domain mail server ssl using https:\/\/www.sslshopper.com\/ssl-checker.html#hostname=mail.hostmayo.com<\/p>\n","protected":false},"author":1,"featured_media":146,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[6],"tags":[],"class_list":["post-1537","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-directadmin"],"aioseo_notices":[],"_links":{"self":[{"href":"https:\/\/lookouthost.com\/blog\/wp-json\/wp\/v2\/posts\/1537","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/lookouthost.com\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/lookouthost.com\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/lookouthost.com\/blog\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/lookouthost.com\/blog\/wp-json\/wp\/v2\/comments?post=1537"}],"version-history":[{"count":3,"href":"https:\/\/lookouthost.com\/blog\/wp-json\/wp\/v2\/posts\/1537\/revisions"}],"predecessor-version":[{"id":1546,"href":"https:\/\/lookouthost.com\/blog\/wp-json\/wp\/v2\/posts\/1537\/revisions\/1546"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/lookouthost.com\/blog\/wp-json\/wp\/v2\/media\/146"}],"wp:attachment":[{"href":"https:\/\/lookouthost.com\/blog\/wp-json\/wp\/v2\/media?parent=1537"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/lookouthost.com\/blog\/wp-json\/wp\/v2\/categories?post=1537"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/lookouthost.com\/blog\/wp-json\/wp\/v2\/tags?post=1537"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}