Postfix and multiple SSL certificates

If you ever wanted to use your Postfix with multiple SSL certificates for different domains, here is how.

List of requirements

  • separate IP for each SSL certificate
  • different domains you will use for your mail (say, and
  • separate SSL certificate for each domain

The change will involve:

  • modifying /etc/postfix/
  • modifying /etc/postfix/

Modifying /etc/postfix/

Comment out smtpd_tls_key_file and smtpd_tls_cert_file directives. smtpd_tls_CAfile can stay, if the certificates you’re using are from the same SSL vendor.

Modifying /etc/postfix/

Where you previously had Postfix master listening on all interfaces (for smtp/25, smtps/465, submission/587), and thus, using one SSL certificate (the one defined in /etc/postfix/

You should now modify it to use different IP addresses and different SSL certificates – for example, for and

That’s it! Restart Postfix, and you should be done.

For more

Great! You’ve successfully signed up.

Welcome back! You've successfully signed in.

You've successfully subscribed to

Success! Check your email for magic link to sign-in.

Success! Your billing info has been updated.

Your billing was not updated.