letsencrypt
Jeff Kletsky
dovecot at allycomm.com
Fri Mar 3 22:23:26 UTC 2017
You can either drop the authentication token into /.wellknown on your
running server, or take down the server for a minute to run certbot
every couple months.
I'm not a fan of symlinks out of config directories and certainly not
across chroot / jail boundaries so I manually copy the certs into the
a subdirectory of the dovecot config directory.
Here's the segment from my local.conf file. The notes on permission
choices are mine and are stronger than many suggest.
---
# Preferred permissions: root:wheel 0444
ssl_cert = </usr/local/etc/dovecot/<some_meaningful_name>/fullchain.pem
# Preferred permissions: root:wheel 0400
ssl_key = </usr/local/etc/dovecot/<some_meaningful_name>/privkey.pem
---
FreeBSD uses a different directory structure than most Linux-based
systems, so the path to the dovecot config directory may be different
for you.
I didn't ever find any documentation of the 'var = <file' notation
but it take it to mean read the contents of the file into the variable
Jeff
On 3/3/17 11:22 AM, David Mehler wrote:
> Hello,
>
> Thanks. Is there another way of doing this? I've got a web server
> running on 80 and 443. Are there any other options?
>
> Thanks.
> Dave.
>
More information about the dovecot
mailing list