letsencrypt

[Joseph Tam]

David Mehler <dave.mehler at gmail.com> writes:

> I'm wanting letsencrypt to take over as my CA, replacing existing self
> signed certificates. I've got web working, a certificate for https
> sites and one for webmail as they have different names. What I'm now
> wanting to do is get letsencrypt going for my email setup, the smtp
> handled by postfix, but mail, and imap I believe are handled by
> dovecot.

SMTP is handled by postfix, imap/pop is handled by dovecot.

> With the web it was easy just let apache serve the token that
> letsencrypt needed and I got certificates. How do I do this with
> regards email?

You can do the DNS challenge method if your server has the ability to
update DNS entries, or you can use certbot clients in standalone-mode
that will act as a simple web server just long enough to serve out the
token to complete the authentication.

Joseph Tam <jtam.home at gmail.com>