letsencrypt
dovecot at avv.solutions
dovecot at avv.solutions
Fri Mar 3 19:36:44 UTC 2017
Hello,
Have you considered running getssl bash script?
It is well documented, self-updates automatically, supports https,
imaps, pop3s, ... and can push validation tokens to your web server
using rsync, ftp, ...
See https://github.com/srvrco/getssl/blob/master/README.md
Cheers
On 03/03/2017 08:22 PM, David Mehler wrote:
> Hello,
>
> Thanks. Is there another way of doing this? I've got a web server
> running on 80 and 443. Are there any other options?
>
> Thanks.
> Dave.
>
>
> On 3/3/17, Michael Neurohr <mine at michi.su> wrote:
>> On 2017-03-03 19:07, David Mehler wrote:
>>> Hello,
>>>
>>> I know some users here are using letsencrypt for their CA. If this is
>>> to off topic write me privately.
>>>
>>> I'm wanting letsencrypt to take over as my CA, replacing existing self
>>> signed certificates. I've got web working, a certificate for https
>>> sites and one for webmail as they have different names. What I'm now
>>> wanting to do is get letsencrypt going for my email setup, the smtp
>>> handled by postfix, but mail, and imap I believe are handled by
>>> dovecot.
>>>
>>> With the web it was easy just let apache serve the token that
>>> letsencrypt needed and I got certificates. How do I do this with
>>> regards email?
>> You can use certbot. It has a built in webserver. It allows you to
>> retrieve and renew the certificates automatically. I'm using it for
>> Dovecot and Postfix.
>>
>> See https://certbot.eff.org/
>>
>> I'm doing everything with the following command:
>>
>> certbot/certbot-auto certonly --no-self-upgrade --standalone -n
>> --rsa-key-size 4096 -d domain1.example.com -d domain2.example.com
>> --pre-hook scripts/letsencrypt-pre-hook.sh --post-hook
>> scripts/letsencrypt-post-hook.sh
>>
>> With the pre-hook and post-hook scripts I make sure to open and close
>> the firewall on port 443, and to reload Postfix and Dovecot in case a
>> certificate was update.
>>
>> You can find all information about the flags that I'm using at
>> https://certbot.eff.org/docs/using.html
>>
>> Michael
>>
More information about the dovecot
mailing list