Cyrus IMAP server and multiple SSL certificates

If you ever wanted to use your Cyrus IMAP server with multiple SSL certificates for different domains, here is how.

List of requirements

  • separate IP for each SSL certificate
  • different domains you will use for your mail (say, example.com and example2.com)
  • separate SSL certificates for each domain


The change will involve:

  • modifying /etc/cyrus.conf
  • using an additional imapd.conf file

Modifying /etc/cyrus.conf

Where you previously had cyrmaster listening on all interfaces (as defined in SERVICES { … } section), and thus, using one SSL certificate:

You should now modify it to use different IP addresses and different imapd.conf files, where necessary – for example:

using an additional imapd.conf file

Copy /etc/impad.conf to /etc/imapd.example.com.conf, and modify just the directives concerning the SSL certificate:

That’s it! Restart Cyrus, and you should be done.

For information on how to set up Postfix to use multiple certificates, see this article.