-
-
Notifications
You must be signed in to change notification settings - Fork 129
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
add ssl certificate from letsencrypt #16
Comments
For now, you can only specify custom SSL certificates within the configuration file: [general]
tls_key_file = /etc/ssl/private/ssl-cert-snakeoil.key
tls_cert_file = /etc/ssl/certs/ssl-cert-snakeoil.pem |
How to proceed if it's intended to add certificates after installation? Is there an (easy) way without the need to dig into postfix or dovecot configs? |
Modify the default values inside installer.cfg and then copy certificate files at the proper location. |
The installer.cfg is part of the installer, right? But I have already installed it (and I removed the installation folder). How can I change these settings afterwards? |
Then you need to modify each configuration file (postfix, dovecot, etc.). |
This is the first result for "modoboa letsencrypt". Really, all this needs to work is a pub .well-known folder somewhere to run and update later (via cron or something). Just tried LE and it wanted to work but I gotta pack for camping and dont have much time to probe modoboa this eve beyond brief tries. |
Ok, I got a min, here is how you do a LE cert:
Then edit
|
please send a Pull Request for this feature. would love to try it |
@hadifarnoud Would like to man, not much time lately though. I would have to further explore the installer itself, figure out how to check for a fail state if LE can't generate a cert or times out, and also support SNI based on added domain(s). Maybe it can be a "standalone" plugin or something instead of at install, dunno. Added a few steps for Dovecot/Postfix above. |
since this is the highest ranked page on LE certificate errors on Google, I'll just point out that while @dhaupin instructions are all correct, if you are using LE, you may need to reboot the server/restart the services after the new certificate is loaded each 90 day period. I was finding it very hard to determine why the mail server (postfix) was still issuing an expired certificate despite the webmail (nginx) certificate being valid, and both pointing to the same file. Something to note on very stable servers! |
Thanks a lot! Worked perfect for me, after that I had already rolled out the server with a self-signed certificate accidently!
|
After updating, a restart is required. |
how can I activate letsencrypt.org certificate on modoboa?
would be great to add this into run.py
The text was updated successfully, but these errors were encountered: