-
-
Notifications
You must be signed in to change notification settings - Fork 1.8k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Issue with combined.pem from LE certificates #110
Comments
Hi @DominikTrenz, do you want to submit a PR? |
How do you create the LE certificate ? On many case I use the URL /well-known URL when I have a web server running but here it's not the case, so I don't have this possibility to do that, so I don't know how generate a certificate with LE with a mail server. |
@tomav Maybe i will do so the next days. Thanks for this awesome image btw :)
The proxy-companion sets up the well-known urls in nginx and renews the certificates which are shared with the email server. |
Yes, I also use them, but to generate certificate jrcs/letsencrypt-nginx-proxy-companion and particulary lets encrypt, use an URL for ACME challenge is needed and mail server container is not able to do that. My idea :
|
The ACME challenge should be received just fine if you mounted the /usr/share/nginx/html volume from nginx in the letsencrypt container. At least it works fine with my setup. I also had to modify the letsencrypt image to generate all the necessary certificate files for the mailserver - but that has nothing to do with the ACME challenge and is a bit off-topic :) |
Thanks for help, I will re-open an issue if I have more problem more developed. |
PR #111 fixes the Problem For further reference: my PR in in |
Add eol to letsencrypt provided files [Issue #110]
I had many problems getting the courier server running with LE certificates. After a while i found the problem:
The .pem files from LE are merged into "combined.pem" and when there is no newline at the end of the LE files this happens:
-----END CERTIFICATE----------BEGIN CERTIFICATE-----
Which causes the imap server to fail.
Changing Line 129 in start-mailserver.sh to:
( cat "/etc/letsencrypt/live/$(hostname)/cert.pem"; echo""; cat "/etc/letsencrypt/live/$(hostname)/chain.pem"; echo ""; cat "/etc/letsencrypt/live/$(hostname)/privkey.pem"; echo ) > "/etc/letsencrypt/live/$(hostname)/combined.pem"
solves the problem
The text was updated successfully, but these errors were encountered: