how to setup IMAPs with letsencrypt
Markus Winkler
ml at irmawi.de
Sun Apr 24 13:27:35 UTC 2022
On 24.04.22 02:45, Richard Hector wrote:
> On 22/04/22 11:57, Joseph Tam wrote:
>> Keep in mind the subject name (CN or SAN AltNames) of your certificate
>> must match your IMAP server name e.g. if your certificate is
>> made for "www.mydomain.com", you'll have to configure your IMAP
>> clients to also use "www.mydomain.com" as the IMAP server name.
>>
>> This typically means the web and IMAP server must reside on the
>> same server, otherwise you'll have to use DNS challenge method
>> to support multiple hostnames on the same certificate.
>
> _A_ web server has to be there. It doesn't have to serve anything else
> useful. My mail server has a web server that only serves the LE challenge.
> Well, actually it's a proxy server that serves several other domains too,
> but there's nothing else served on that domain (at the moment).
if it wasn't already mentioned in this thread:
acme.sh (https://github.com/acmesh-official/acme.sh) has a builtin
standalone webserver which can be used in such cases, there's no need for
an additional web server. And Certbot has this functionality too.
acme.sh is a very simple and stable solution - it's just a shell script, no
dependencies. I'm using it on a number of servers (together with
Apache/Nginx or with the builtin standalone mode on mail gateways) without
any problem.
Regards,
Markus
More information about the dovecot
mailing list