I'm using Debian 8, Dovecot 2.2.13, and I'm struggling to get Virtualmin to add the per-IP SSL config to /etc/dovecot/dovecot.conf. I believe I have everything properly setup, and when I manually add the configuration, the IP/port has SSL and returning the proper certificate. Looking at the source code for virtual-server/feature-ssl.pl, there's a test to see whether or not the configuration should be added:
my $conf = &dovecot::get_config(); my $sslyn = &dovecot::find_value("ssl_disable", $conf); return undef if ($sslyn !~ /yes|required/i);Find the existing block for the IP
my $cfile = &dovecot::get_config_file(); ...
I believe the ssl_disable test is incorrect. It's checking whether or not ssl_disable=yes or ssl_disable=required. This doesn't make sense to me. I'm thinking it should instead be looking for "ssl". If I add ssl_disable=yes|required to my conf.d/10-ssl.conf, the per-IP SSL configuration is written out, but actually attempting to use Dovecot with ssl_disable set causes problems with authentication on port 143 and 110 (returns LOGINDISABLED).
I'm currently working around this with a post-add/modify/delete hook that writes out the per-IP SSL config file to /etc/dovecot/conf.d/(domain).conf.