Adding Let's Encrypt to postfix/dovecot

4 posts / 0 new

Topic locked

#1 Sun, 04/10/2016 - 06:11

Johnster

Adding Let's Encrypt to postfix/dovecot

I'm trying to add a ssl cert to postfix/dovecot.

Current setup: host1.serverdomain.com (Not on Virtualmin) domain.com (Already has Let's Encrypt cert)

I tried adding the servers domain to virtualmin to auto add the cert but domain.com starts using the host1.serverdomain.com ssl cert.

How do I fix this?

One external IPv4 address Ubuntu Linux 14.04.3 Webmin version 1.791 Virtualmin version 5.01.gpl

#2 Sun, 04/10/2016 - 07:18

singhdd

You can request the cert for hostname using Webmin Configuration > SSL Settings > Lets Encrypt. In Lets Encrypt you have to manually type domain name as hostname and doc root "/var/www/html/" The it will install a cert for webmin. You can then give postfix, dovecot the paths to cert,key and ca files

#3 Mon, 04/11/2016 - 17:59 (Reply to #2)

Johnster

Thank you for the response. I was able to create the cert and link to the files, however, imap/smtp show "The certificate is not trusted because it hasn't been verified as issued by a trusted authority using a secure signature.". EDIT: Is the letsencrypt-ca.pem file, the same as chain.pem?

Also, is it possible to link mail.domain.com to hostname?

mail.domain.com.   CNAME   hostname.
domain.com.  IN  MX  5 hostname.
domain.com.    IN  TXT "v=spf1 a mx a:domain.com ip4:123.123.123.123 ?all"

#4 Sun, 04/17/2016 - 15:16

johnp_

You probably need to use the fullchain.pem file to also serve the intermediate certificate (letsencrypt X3 or so). The file can be found at /etc/letsencrypt/host.domain.tld/.

Topic locked