Language:
switch to room list switch to menu My folders
Go to page: First ... 15 16 17 18 [19]
[#] Tue Aug 09 2022 11:24:17 EDT from josephmmmorgan

Subject: Is Citadel multi-tennant?

[Reply] [ReplyQuoted] [Headers] [Print]

Can I host more than one certificate on a single Citadel server?  

That is, can I host    xxx.yyy.com     and    aaa.bbb.com    on the same server just by installing more than one certificate/key pair?

 

 



[#] Tue Aug 09 2022 12:25:45 EDT from mrsfeathers

Subject: Re: Is Citadel multi-tennant?

[Reply] [ReplyQuoted] [Headers] [Print]

if your server can be seen by multiple domains, you can use let's encrypt to request a certificate with multiple domains in it... then just have it be created in /usr/local/citadel/keys i think. it has to be named whatever.crt and whatever.key and they have to have permission for read and write and be owned by whatever user you set up to run citadel. at that point, you can simply add in hostnames to your let's encrypt config and magically have them be supported... at least that's how mine works. ^v^



[#] Tue Aug 09 2022 17:45:26 EDT from josephmmmorgan

Subject: Is Citadel multi-tennant?

[Reply] [ReplyQuoted] [Headers] [Print]

Can I host more than one certificate on a single Citadel server?  

That is, can I host    xxx.yyy.com     and    aaa.bbb.com    on the same server just by installing more than one certificate/key pair?

 

 



[#] Tue Aug 09 2022 17:56:16 EDT from josephmmmorgan

Subject: Re: Is Citadel multi-tennant?

[Reply] [ReplyQuoted] [Headers] [Print]

So instead of something like multi-hosts or SNI, I'll simply need a cert with all the domains supported listed as SANs, correct?

So if I have xxx.com, and yyy.com, when an email comes to xxx.com, will it only be seen by someone having and email, ex.  joe@xxx.com and not also the same joe@yyy.com???

 

Tue Aug 09 2022 12:25:45 EDT from mrsfeathers Subject: Re: Is Citadel multi-tennant?

if your server can be seen by multiple domains, you can use let's encrypt to request a certificate with multiple domains in it... then just have it be created in /usr/local/citadel/keys i think. it has to be named whatever.crt and whatever.key and they have to have permission for read and write and be owned by whatever user you set up to run citadel. at that point, you can simply add in hostnames to your let's encrypt config and magically have them be supported... at least that's how mine works. ^v^



 



[#] Wed Aug 10 2022 10:59:19 EDT from josephmmmorgan

Subject: Re: Is Citadel multi-tennant?

[Reply] [ReplyQuoted] [Headers] [Print]

So instead of something like multi-hosts or SNI, I'll simply need a cert with all the domains supported listed as SANs, correct?

So if I have xxx.com, and yyy.com, when an email comes to xxx.com, will it only be seen by someone having and email, ex.  joe@xxx.com and not also the same joe@yyy.com???

 

Tue Aug 09 2022 12:25:45 EDT from mrsfeathers Subject: Re: Is Citadel multi-tennant?

if your server can be seen by multiple domains, you can use let's encrypt to request a certificate with multiple domains in it... then just have it be created in /usr/local/citadel/keys i think. it has to be named whatever.crt and whatever.key and they have to have permission for read and write and be owned by whatever user you set up to run citadel. at that point, you can simply add in hostnames to your let's encrypt config and magically have them be supported... at least that's how mine works. ^v^



 



[#] Wed Aug 10 2022 14:26:34 EDT from mrsfeathers

Subject: Re: Is Citadel multi-tennant?

[Reply] [ReplyQuoted] [Headers] [Print]

if your server can be seen by multiple domains, you can use let's encrypt to request a certificate with multiple domains in it... then just have it be created in /usr/local/citadel/keys i think. it has to be named whatever.crt and whatever.key and they have to have permission for read and write and be owned by whatever user you set up to run citadel. at that point, you can simply add in hostnames to your let's encrypt config and magically have them be supported... at least that's how mine works. ^v^



[#] Wed Aug 10 2022 14:36:24 EDT from mrsfeathers

Subject: Re: Is Citadel multi-tennant?

[Reply] [ReplyQuoted] [Headers] [Print]

it would CERT-ainly be the easiest way, as afaik citadel was made for small use cases and only takes one cert.. so you'd have to combine them. easiest way to combine them and keep them up to date is lets encrypt.. and the mail server should be visible at least at mail.example1.com and mail.example2.com if you set it up right with multidomains.. and when you request mail.example1.com and mail.example2.com it SHOULD also grant example1.com and example2.com by default... so even if your mail server isn't the main website on the domain, it should work. for me, i have an nginx reverse proxy on my domain.tld and mail is mail.domain.tld and all my certs are handled by the reverse proxy which then just has a cron that rsyncs them to all the other web-facing servers in my network daily, so every system always has up to date certs and if a system fails, i get notified about it via the cron email thingy and i just have the rsync directory be the one that citadel takes its certs from and then just forget about it. of course, make sure you can only log into whatever user via SSH certs and not passwords, because that's safer.

 


[#] Wed Aug 10 2022 16:47:23 EDT from josephmmmorgan

Subject: Re: Is Citadel multi-tennant?

[Reply] [ReplyQuoted] [Headers] [Print]

So instead of something like multi-hosts or SNI, I'll simply need a cert with all the domains supported listed as SANs, correct?

So if I have xxx.com, and yyy.com, when an email comes to xxx.com, will it only be seen by someone having and email, ex.  joe@xxx.com and not also the same joe@yyy.com???

 

Tue Aug 09 2022 12:25:45 EDT from mrsfeathers Subject: Re: Is Citadel multi-tennant?

if your server can be seen by multiple domains, you can use let's encrypt to request a certificate with multiple domains in it... then just have it be created in /usr/local/citadel/keys i think. it has to be named whatever.crt and whatever.key and they have to have permission for read and write and be owned by whatever user you set up to run citadel. at that point, you can simply add in hostnames to your let's encrypt config and magically have them be supported... at least that's how mine works. ^v^



 



[#] Fri Aug 12 2022 15:53:32 EDT from kcclemo

Subject: Redirect all Traffic to HTTPS

[Reply] [ReplyQuoted] [Headers] [Print]

Is there a way to redirect all HTTP traffic on the web client to HTTPS?

Thanks.



[#] Sat Aug 13 2022 11:04:57 EDT from IGnatius T Foobar

Subject: Re: Redirect all Traffic to HTTPS

[Reply] [ReplyQuoted] [Headers] [Print]

Is there a way to redirect all HTTP traffic on the web client to HTTPS?

Not using Citadel by itself, but you can easily do that by putting some other web server on port 80 and redirecting to HTTPS as per the normal method.

 



Go to page: First ... 15 16 17 18 [19]