how to setup IMAPs with letsencrypt

Markus Winkler ml at
Sun Apr 24 13:27:35 UTC 2022

On 24.04.22 02:45, Richard Hector wrote:
> On 22/04/22 11:57, Joseph Tam wrote:
>> Keep in mind the subject name (CN or SAN AltNames) of your certificate
>> must match your IMAP server name e.g. if your certificate is
>> made for "", you'll have to configure your IMAP
>> clients to also use "" as the IMAP server name.
>> This typically means the web and IMAP server must reside on the
>> same server, otherwise you'll have to use DNS challenge method
>> to support multiple hostnames on the same certificate.
> _A_ web server has to be there. It doesn't have to serve anything else 
> useful. My mail server has a web server that only serves the LE challenge. 
> Well, actually it's a proxy server that serves several other domains too, 
> but there's nothing else served on that domain (at the moment).

if it wasn't already mentioned in this thread: ( has a builtin 
standalone webserver which can be used in such cases, there's no need for 
an additional web server. And Certbot has this functionality too. is a very simple and stable solution - it's just a shell script, no 
dependencies. I'm using it on a number of servers (together with 
Apache/Nginx or with the builtin standalone mode on mail gateways) without 
any problem.


More information about the dovecot mailing list