how to setup IMAPs with letsencrypt

Narcis Garcia debianlists at actiu.net
Fri Apr 22 05:00:49 UTC 2022


__________
I'm using this dedicated address because personal addresses aren't 
masked enough at this mail public archive. Public archive administrator 
should fix this against automated addresses collectors.
El 22/4/22 a les 1:40, Jeremy Ardley ha escrit:
> 
> On 22/4/22 7:25 am, alice at coakmail.com wrote:
>> hello
>>
>> I have setup website using letsencrypt for certification.
>> how can I setup IMAP to use this certs as well?
>>
>> Thank you.
>>
> Make entries in /etc/dovecot/conf.d/10-ssl.conf
> 
> ssl = required
> 
> ssl_cert = </etc/letsencrypt/live/mail.example.com/cert.pem
> ssl_key = </etc/letsencrypt/live/mail.examplel.com/privkey.pem
> 
> 
> in /etc/dovecot/dovecot.conf or in /etc/dovecot/conf.d/10-ssl.conf
> 
> put
> 
> ssl_min_protocol = TLSv1.2
> ssl_cipher_list = EECDH+AESGCM:EDH+AESGCM
> ssl_prefer_server_ciphers = yes
> 
> You can override the global ssl certificates for specific domains in 
> /etc/dovecot/dovecot.conf
> 
> local special.example.com {
>    protocol imap {
>      ssl_cert = </etc/letsencrypt/live/special.example.com/fullchain.pem
>      ssl_key = </etc/letsencrypt/live/special.example.com/privkey.pem
> 
>    }
> }
> 

+ You should sure "dovecot" service account has read access to 
/etc/letsencrypt/live/special.example.com/privkey.pem
p.e. by adding account to a common group with LE files.


More information about the dovecot mailing list