similar to: is a self signed certificate always invalid the first time

> On Aug 20, 2017, at 11:52 AM, Stephan von Krawczynski <skraw at ithnet.com> wrote: > > On Sat, 19 Aug 2017 21:39:18 -0400 > KT Walrus <kevin at my.walr.us> wrote: > >>> On Aug 18, 2017, at 4:05 AM, Stephan von Krawczynski <skraw at ithnet.com> >>> wrote: >>> >>> On Fri, 18 Aug 2017 00:24:39 -0700 (PDT) >>> Joseph

> On Aug 18, 2017, at 4:05 AM, Stephan von Krawczynski <skraw at ithnet.com> wrote: > > On Fri, 18 Aug 2017 00:24:39 -0700 (PDT) > Joseph Tam <jtam.home at gmail.com> wrote: > >> Michael Felt <michael at felt.demon.nl> writes: >> >>>> I use acme.sh for all of my LetsEncrypt certs (web & mail), it is >>>> written in pure

> On Aug 20, 2017, at 1:32 PM, Stephan von Krawczynski <skraw at ithnet.com> wrote: > > On Sun, 20 Aug 2017 12:29:49 -0400 > KT Walrus <kevin at my.walr.us> wrote: > >>> On Aug 20, 2017, at 11:52 AM, Stephan von Krawczynski <skraw at ithnet.com> >>> wrote: >>> >>> On Sat, 19 Aug 2017 21:39:18 -0400 >>> KT Walrus

On Sun, 20 Aug 2017 12:29:49 -0400 KT Walrus <kevin at my.walr.us> wrote: > > On Aug 20, 2017, at 11:52 AM, Stephan von Krawczynski <skraw at ithnet.com> > > wrote: > > > > On Sat, 19 Aug 2017 21:39:18 -0400 > > KT Walrus <kevin at my.walr.us> wrote: > > > >>> On Aug 18, 2017, at 4:05 AM, Stephan von Krawczynski <skraw at

On Sat, 19 Aug 2017 21:39:18 -0400 KT Walrus <kevin at my.walr.us> wrote: > > On Aug 18, 2017, at 4:05 AM, Stephan von Krawczynski <skraw at ithnet.com> > > wrote: > > > > On Fri, 18 Aug 2017 00:24:39 -0700 (PDT) > > Joseph Tam <jtam.home at gmail.com> wrote: > > > >> Michael Felt <michael at felt.demon.nl> writes: >

On Fri, 18 Aug 2017 00:24:39 -0700 (PDT) Joseph Tam <jtam.home at gmail.com> wrote: > Michael Felt <michael at felt.demon.nl> writes: > > >> I use acme.sh for all of my LetsEncrypt certs (web & mail), it is > >> written in pure shell script, so no python dependencies. > >> https://github.com/Neilpang/acme.sh > > > > Thanks - I might

On 8/11/2017 11:44 AM, Florian Beer wrote: > On 2017-08-11 11:36, Michael Felt wrote: >> I have looked at let's encrypt. Key issue for me is having to add a >> lot python stuff that would otherwise not be on any server. > > > I use acme.sh for all of my LetsEncrypt certs (web & mail), it is > written in pure shell script, so no python dependencies. >

I have looked at let's encrypt. Key issue for me is having to add a lot python stuff that would otherwise not be on any server. Again, All CA's like "Let's Encrypt" - and others that are accepted by the "majors", e.g., Windows, Mozilla make it much easier for the "random" user to use anything you protect with SSL (better TLS) without them having to

Is there some reason to use a mail.domain.com cert for mail rarher than just using domain.com for everything? Historically the subdomain were used because they were on different hardware. That is www was on one machine and mail was on another. ? Original Message ? From: dovecot at dovecot.org Sent: March 14, 2019 3:56 PM To: dovecot at dovecot.org Reply-to: jtam.home at gmail.com

On Thu, 14 Mar 2019 12:13:15 +0100 "Guido Goluke, MajorLabel via dovecot" <dovecot at dovecot.org> wrote: > Op 14-03-19 om 11:46 schreef mick crane via dovecot: > > Excuse dopey question. > > I'm not exactly clear about certificates. > > Apache2 default install has this snake oil certificate > > Can make a new one for apache > > Can make one

Thanks Michael I will check with the free cert lets encrypt to test it. Remo > Il giorno 7 set 2019, alle ore 02:09, Michael Hallager via dovecot <dovecot at dovecot.org> ha scritto: > > ?On 2019-09-07 12:25, remo--- via dovecot wrote: >> What is the best way to adopt multiple certs? >> Thanks. > > /etc/dovecot/conf.d/10-ssl.conf > > Primary SSL

yacinechaouche at yahoo.com writes: > Interesting. Is there any particular benefit in having only one file > for both certificate and private key ? I find that putting private key > in a separate file feels more secure. It's convenient to have key and cert in one place if you don't need the certificate to be publically readable. Keeping it in separate files would add slightly

On Thu, 10 Aug 2017, Larry Rosenman wrote: > Which mail client on iOS? Sorry, maybe not iOS, but definitely MacOSX Mail app. Joseph Tam <jtam.home at gmail.com>

<master at remort.net> writes: > "writing a script to check the certs" - there is no need to write any > scripts. As one mentioned, it's done by a hook to certbot. Please read > the manuals for LE or certbot. The issue you have is quite common and > of course certbot designed to do it for you. Won't work, of course, if you employ the least-privilege security

On Thu, 14 Mar 2019 09:51:14 -0400 Phil Turmel via dovecot <dovecot at dovecot.org> wrote: > On 3/14/19 7:40 AM, Stephan von Krawczynski via dovecot wrote: > > > Sorry I have to write this, but this is again pointing people in a fake > > security direction. > > You should be sorry, because you are wrong. > > > The only valid authority for a certificate

> Obviously you do not use clustered environments with more than one node > per service. Else you would not call it "it just works", because in > fact the renewal is quite big bs as one node must do the job while all > the others must be _offline_. I'm not sure how you have set up your clustered service, but why do your nodes have to go offline? If these other nodes

HotSlots Webmaster <webmaster at hotslots132.com> writes: > I have had Dovecot working fine with SSL for nearly two years now. It's > time to renew the SSL certificate, so I did (same CA). The new > certificate works fine in Apache and Postfix. But when I update Dovecot > to use the same certificate, and restart the server, Dovecot stops > responding to connects. > ...

Read the docs.... Or, as I said earlier, get a (free) letsencrypt certificate. -- Larry Rosenman http://www.lerctr.org/~ler Phone: +1 214-642-9640 E-Mail: larryrtx at gmail.com US Mail: 5708 Sabbia Drive, Round Rock, TX 78665-2106 ?On 7/11/18, 6:16 PM, "Teno Deuter" <gvgter at googlemail.com> wrote: this is the result: 250-8BITMIME

Kevin writes: > Appreciate if you could help with this. I have been trying to address this > "slow search" issue for a while with very limited success(I was trying to > implement FTS also), so I will appreciate if you could support. When I'm stumped, one of the diagnostic tools I use is process tracing. Connect via IMAP, in another window/session process trace the IMAP

Alef Veld writes: >> I'm wondering if there is any cache for a certificate or something, my >> maillog shows up something like 10 bytes read, -1. So it returns an >> error. I deleted the accounts and created them again, still no go. >> >> Anyone had anything similar before? On top of the usual mail set up problems (and it appears to be some SSL/STARTLS port