>>> I have setup website using letsencrypt for certification. >>> how can I setup IMAP to use this certs as well? >>> >> Make entries in /etc/dovecot/conf.d/10-ssl.conf >> >> ssl = required >> >> ssl_cert = </etc/letsencrypt/live/mail.example.com/cert.pem >> ssl_key = </etc/letsencrypt/live/mail.examplel.com/privkey.pemKeep in mind the subject name (CN or SAN AltNames) of your certificate must match your IMAP server name e.g. if your certificate is made for "www.mydomain.com", you'll have to configure your IMAP clients to also use "www.mydomain.com" as the IMAP server name. This typically means the web and IMAP server must reside on the same server, otherwise you'll have to use DNS challenge method to support multiple hostnames on the same certificate. Joseph Tam <jtam.home at gmail.com>
On 22/04/22 11:57, Joseph Tam wrote:> Keep in mind the subject name (CN or SAN AltNames) of your certificate > must match your IMAP server name e.g. if your certificate is > made for "www.mydomain.com", you'll have to configure your IMAP > clients to also use "www.mydomain.com" as the IMAP server name. > > This typically means the web and IMAP server must reside on the > same server, otherwise you'll have to use DNS challenge method > to support multiple hostnames on the same certificate._A_ web server has to be there. It doesn't have to serve anything else useful. My mail server has a web server that only serves the LE challenge. Well, actually it's a proxy server that serves several other domains too, but there's nothing else served on that domain (at the moment). Cheers, Richard