how to setup IMAPs with letsencrypt
Narcis Garcia
debianlists at actiu.net
Fri Apr 22 05:00:49 UTC 2022
__________
I'm using this dedicated address because personal addresses aren't
masked enough at this mail public archive. Public archive administrator
should fix this against automated addresses collectors.
El 22/4/22 a les 1:40, Jeremy Ardley ha escrit:
>
> On 22/4/22 7:25 am, alice at coakmail.com wrote:
>> hello
>>
>> I have setup website using letsencrypt for certification.
>> how can I setup IMAP to use this certs as well?
>>
>> Thank you.
>>
> Make entries in /etc/dovecot/conf.d/10-ssl.conf
>
> ssl = required
>
> ssl_cert = </etc/letsencrypt/live/mail.example.com/cert.pem
> ssl_key = </etc/letsencrypt/live/mail.examplel.com/privkey.pem
>
>
> in /etc/dovecot/dovecot.conf or in /etc/dovecot/conf.d/10-ssl.conf
>
> put
>
> ssl_min_protocol = TLSv1.2
> ssl_cipher_list = EECDH+AESGCM:EDH+AESGCM
> ssl_prefer_server_ciphers = yes
>
> You can override the global ssl certificates for specific domains in
> /etc/dovecot/dovecot.conf
>
> local special.example.com {
> protocol imap {
> ssl_cert = </etc/letsencrypt/live/special.example.com/fullchain.pem
> ssl_key = </etc/letsencrypt/live/special.example.com/privkey.pem
>
> }
> }
>
+ You should sure "dovecot" service account has read access to
/etc/letsencrypt/live/special.example.com/privkey.pem
p.e. by adding account to a common group with LE files.
More information about the dovecot
mailing list